
Wednesday, March 7, 2018

Telspace Systems Security Advisory (TSA-2018-002)

Security Advisory


TSA-2018-002: Microsoft Edge Information Disclosure Vulnerability

CVE Number: CVE-2018-0839

Summary

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.


Details and crash information

edgehtml!Ordinal125+0xe3c86:

5ef196d6 8b5928          mov     ebx,dword ptr [ecx+28h] ds:0023:117cd008=????????


Vendor: Microsoft

Product: Edge

Version: 11.0.15063.67

Vendor URLs:

Vendor Response

The vendor has patched the vulnerability and released a new version.

Disclosure Timeline
  • 23-11-2017 – Initial Discovery
  • 29-11-2017 – ZDI Notification
  • 07-12-2017 – Vendor notification
  • 21-02-2018 – Coordinated public release of advisory

Credit

This vulnerability was discovered by Dmitri Kaslov of Telspace Systems.

Wednesday, February 28, 2018

Telspace Systems Security Advisory (TSA-2018-001)

Security Advisory



TSA-2018-001: Microsoft Access Information Disclosure Vulnerability

CVE Number: CVE-2018-0853


Summary

An information disclosure vulnerability exists when Microsoft Office Access software reads out-of-bounds memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out-of-bounds memory.


Details and crash information

VCRUNTIME140!memcpy+0x4e:

72edd1ce f3a4            rep movs byte ptr es:[edi],byte ptr [esi]


Vendor: Microsoft

Product: Access

Version: 16.0.8625.2127

Vendor URLs:



Vendor Response

The vendor has patched the vulnerability and released a new version.


Disclosure Timeline

  • 23-11-2017 – Initial Discovery
  • 25-11-2017 – Vendor Notification
  • 19-01-2018 – Vendor Patch
  • 13-02-2018 – Public Disclosure


Credit

This vulnerability was discovered by Dmitri Kaslov of Telspace Systems.

Wednesday, October 11, 2017

Telspace Systems Security Advisory (TSA-2017-005)

Telspace Systems Security Advisory

TSA-2017-005: Internet Explorer Information Disclosure Vulnerability

CVE number
CVE-2017-11790

Summary
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploits the vulnerability could obtain information to further compromise the user’s system.

Vendor
Microsoft

Product
Internet Explorer

Version
11.0.15063.540

Vendor URL

Details and crash information
iertutil!CreateUriPriv+0x43:
00007ff8`001be203 66391479 cmp word ptr [rcx+rdi*2],dx ds:0000012f`76037000=????


Vendor response
The vendor has patched the vulnerability and released a new version.

Disclosure Timeline
02-08-2017 – Initial Discovery
14-09-2017 – Vendor Notification
10-10-2017 – Vendor Patch
11-10-2017 – Public Disclosure


Credit
This vulnerability was discovered by Dmitri Kaslov of Telspace Systems.

Friday, October 24, 2008