Windows: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2018.0056
              Security updates for Microsoft Windows versions
                               14 March 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows
Operating System:     Windows
Impact/Access:        Administrator Compromise        -- Existing Account            
                      Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Increased Privileges            -- Existing Account            
                      Access Privileged Data          -- Existing Account            
                      Denial of Service               -- Existing Account            
                      Read-only Data Access           -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-0983 CVE-2018-0977 CVE-2018-0926
                      CVE-2018-0904 CVE-2018-0902 CVE-2018-0901
                      CVE-2018-0900 CVE-2018-0899 CVE-2018-0898
                      CVE-2018-0897 CVE-2018-0896 CVE-2018-0895
                      CVE-2018-0894 CVE-2018-0888 CVE-2018-0886
                      CVE-2018-0885 CVE-2018-0884 CVE-2018-0883
                      CVE-2018-0882 CVE-2018-0881 CVE-2018-0880
                      CVE-2018-0878 CVE-2018-0877 CVE-2018-0868
                      CVE-2018-0817 CVE-2018-0816 CVE-2018-0815
                      CVE-2018-0814 CVE-2018-0813 CVE-2018-0811
Member content until: Friday, April 13 2018

OVERVIEW

        Microsoft has released its monthly security patch update for the month of
        March 2018. [1]  This update resolves 30 vulnerabilities across the following
        products:
         Windows 10 Version 1511 for 32-bit Systems
         Windows 10 Version 1511 for x64-based Systems
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2018-0811   Information Disclosure   Important
         CVE-2018-0813   Information Disclosure   Important
         CVE-2018-0814   Information Disclosure   Important
         CVE-2018-0815   Elevation of Privilege   Important
         CVE-2018-0816   Elevation of Privilege   Important
         CVE-2018-0817   Elevation of Privilege   Important
         CVE-2018-0868   Elevation of Privilege   Important
         CVE-2018-0877   Elevation of Privilege   Important
         CVE-2018-0878   Information Disclosure   Important
         CVE-2018-0880   Elevation of Privilege   Important
         CVE-2018-0881   Elevation of Privilege   Important
         CVE-2018-0882   Elevation of Privilege   Important
         CVE-2018-0883   Remote Code Execution    Important
         CVE-2018-0884   Security Feature Bypass  Important
         CVE-2018-0885   Denial of Service        Important
         CVE-2018-0886   Remote Code Execution    Important
         CVE-2018-0888   Information Disclosure   Important
         CVE-2018-0894   Information Disclosure   Important
         CVE-2018-0895   Information Disclosure   Important
         CVE-2018-0896   Information Disclosure   Important
         CVE-2018-0897   Information Disclosure   Important
         CVE-2018-0898   Information Disclosure   Important
         CVE-2018-0899   Information Disclosure   Important
         CVE-2018-0900   Information Disclosure   Important
         CVE-2018-0901   Information Disclosure   Important
         CVE-2018-0902   Security Feature Bypass  Important
         CVE-2018-0904   Information Disclosure   Important
         CVE-2018-0926   Information Disclosure   Important
         CVE-2018-0977   Elevation of Privilege   Important
         CVE-2018-0983   Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on
        the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
        
         KB4088827, KB4088776, KB4056564, KB4088782, KB4088880
         KB4089229, KB4073011, KB4089175, KB4089344, KB4089453
         KB4088786, KB4088787, KB4088779, KB4088878, KB4088879
         KB4088876, KB4088877, KB4087398, KB4088875


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWqhp7Yx+lLeg9Ub1AQhc0Q//c/UCvw8K6z15PgMG9M6DRH1JyKMz9yRi
VKskuLJ6SW4hQdFzawXDK3KgYXjhqL1xtyc5bskVZOAsK3ofuwKingp8MdwKvRyv
HSLo0q5vJbNk9DJ5BQvpsSE2JgkyZwdrNe8yDCDe8iiv+iZqV2n8zgAoqXPxNBKM
RC8UElBA03QD62A1lfvpTnFFJMIrX+lag0VKMNY44IjX267X3jkn8aIKT75Jvg8/
UcMhJHshNg8dOdnSUIuxdi/U0eSVLM4I39HXBNOGxUsQE1OfyKoYvZ8K3RqweDTn
B9HxAY8AwlXLHDpRHHNR1mLvGPl73BTzDKDpNgJul1MVY9C2nOC8YZqBbcYKqkC8
VSvbGPlugLC70vcNeoZbPYidJygEd5OfYUn2RbuQpykigMqwgN63RC2DK4ml0lr8
RD39GpQBjbYbTCcSMjkKqOiKYlAARuNnIg/mfj1dO4w/FkJORbQUxwtl7yN+kb4m
3mvWW+8uceEyaQiALh9N9KQC+BSSDtKu1MfKoWZoWU9tInpPDZ+0p6Mh+8TfFWHI
8cNnA1J0a82ZmMC/vYKuRoLQYCjbAQBXQP+ktBPPyt9akq0iZM7zXs/SgdcCVoAS
OD0W9v2AWTFdRMg2VpdHyjPQeqiRLpapTpprwSOXBJ70PvFIFkNxevsELGGZKxe7
GfmDlPYofJo=
=bDwH
-----END PGP SIGNATURE-----