-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2018.0288
                     November 2018 updates for Windows
                             14 November 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows 10
                      Windows 8
                      Windows 7
                      Windows RT
                      Windows Server 2008
                      Windows Server 2012
                      Windows Server 2016
                      Windows Server 2019
Operating System:     Windows
Impact/Access:        Administrator Compromise -- Existing Account            
                      Access Privileged Data   -- Existing Account            
                      Increased Privileges     -- Console/Physical            
                      Denial of Service        -- Remote with User Interaction
                      Cross-site Scripting     -- Existing Account            
                      Reduced Security         -- Existing Account            
                      Access Confidential Data -- Console/Physical            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-8592 CVE-2018-8589 CVE-2018-8584
                      CVE-2018-8566 CVE-2018-8565 CVE-2018-8563
                      CVE-2018-8562 CVE-2018-8561 CVE-2018-8554
                      CVE-2018-8553 CVE-2018-8550 CVE-2018-8549
                      CVE-2018-8547 CVE-2018-8544 CVE-2018-8485
                      CVE-2018-8476 CVE-2018-8471 CVE-2018-8454
                      CVE-2018-8450 CVE-2018-8417 CVE-2018-8415
                      CVE-2018-8408 CVE-2018-8407 CVE-2018-8256
Member content until: Friday, December 14 2018

OVERVIEW

        Microsoft has released its monthly security patch update for
        the month of November 2018.
        
        This update resolves 25 vulnerabilities across the following
        products: [1]
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

         Details         Impact                   Severity
         ADV990001       Defense in Depth         None
         CVE-2018-8256   Remote Code Execution    Important
         CVE-2018-8407   Information Disclosure   Important
         CVE-2018-8408   Information Disclosure   Important
         CVE-2018-8415   Tampering                Important
         CVE-2018-8417   Security Feature Bypass  Important
         CVE-2018-8450   Remote Code Execution    Important
         CVE-2018-8454   Information Disclosure   Important
         CVE-2018-8471   Elevation of Privilege   Important
         CVE-2018-8476   Remote Code Execution    Critical
         CVE-2018-8485   Elevation of Privilege   Important
         CVE-2018-8544   Remote Code Execution    Critical
         CVE-2018-8547   Spoofing                 Important
         CVE-2018-8549   Security Feature Bypass  Important
         CVE-2018-8550   Elevation of Privilege   Important
         CVE-2018-8553   Remote Code Execution    Critical
         CVE-2018-8554   Elevation of Privilege   Important
         CVE-2018-8561   Elevation of Privilege   Important
         CVE-2018-8562   Elevation of Privilege   Important
         CVE-2018-8563   Information Disclosure   Important
         CVE-2018-8565   Information Disclosure   Important
         CVE-2018-8566   Security Feature Bypass  Important
         CVE-2018-8584   Elevation of Privilege   Important
         CVE-2018-8589   Elevation of Privilege   Important
         CVE-2018-8592   Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version
        made available on the Microsoft Update Catalogue for the
        following Knowledge Base articles. [1]
        
        
         KB3173426, KB3173424, KB3020369, KB3177467, KB4467706
         KB4467703, KB4467702, KB4467701, KB4467700, KB4467708
         KB4465659, KB4467107, KB4467106, KB4467691, KB4467697
         KB4467696, KB4467678, KB4465663, KB4465660, KB4465661
         KB4465664, KB4467686, KB4093430, KB4467680


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW+tzIWaOgq3Tt24GAQhlyA//eexv2ZEnhg1NG4yw/ntKSu0igiWy1lBG
7VC+ly8+4fvZxCDFggPxGHEN6EYNglp9htSxvCe+iyneAhufivIh4PKzWwz04/j+
3k2//DJ9YawzK5OOYVtZvBz/m29ZOHzaLiyd5YOujMNNZjYUhPLaYkhYqhlwHZLe
OkZRQJxO9aQ5qdCjdj9IoumzLEwBJdRHWtidipbAhiwv/4RsEPRYO05Z5CKi6IIq
h52pX4HA7DbVzFMB9CPOC7Jii+mDqCOG8D0M238Y5Zqt6cxeLMmsB0AclWJP3MY4
OXckqgTiggOQPxTiKqRUT/TdnscOpXe3seG1cQzbE84onzbWqhIpGsrAJirVsD7r
HsB231iDpqbLWLggckEMdjrXExfFaE3pVsMK8OekaULmEjnKxGcpb2bpa3e7xeXm
FR69JeRX6Bq61OYmTee+Hiyag1ES/RXgyhRrRxRpJrqT6KrIqVPtTPtJYP0tJ2H9
AbePO4+G1rH5eLdRq+xzFWu3eSUrZucXnJRmTVnrxjXqincjGxvtWBhh7jkx42s/
wB8i5sRzD/JGoYsR3M6jMf2YYWnd8ZB2kBPOhUscJ53oabxyUsBdYTmIuuR0uWPu
zH1MnfNIWNe3uBEDu96Mdx9R917NrPCYgd1LQ2I2KpMWSS43s+xwHDrEnmO6y1dl
Npq5xcrLSzk=
=csbt
-----END PGP SIGNATURE-----