2018-OCT-09 FSL version 7.6.59 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 24210 - (MSPT-Oct2018) Microsoft Graphics Components Handle Objects in Memory Remote Code Execution (CVE-2018- 8432) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8432 Description A vulnerability in some versions of Microsoft Graphics Components could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Graphics Components could lead to remote code execution. The flaw is due to improper handling of a specially crafted file. Successful exploitation by a remote attacker could result in the execution of arbitrary code. 24212 - (MSPT-Oct2018) Microsoft Windows Theme API Remote Code Execution (CVE-2018-8413) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8413 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Theme API component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. 24214 - (MSPT-Oct2018) Microsoft JET Database Engine Remote Code Execution (CVE-2018-8423) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8423 Description A vulnerability in some versions of Microsoft JET could lead to remote code execution. Observation A vulnerability in some versions of Microsoft JET could lead to remote code execution. The flaw lies in the Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. 24226 - (MSPT-Oct2018) Microsoft XML Core Services MSXML Remote Code Execution (CVE-2018-8494) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8494 Description A vulnerability in some versions of Microsoft XML Core Services could lead to remote code execution. Observation A vulnerability in some versions of Microsoft XML Core Services could lead to remote code execution. The flaw lies in the MSXML component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24237 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8503) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8503 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24238 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8505) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8505 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24239 - (MSPT-Oct2018) Microsoft Edge Improperly Handles Objects In Memory Remote Code Execution Vulnerability (CVE-2018-8509) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8509 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Improperly Handles Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24243 - (MSPT-Oct2018) Microsoft Exchange Server Remote Code Execution (CVE-2010-3190) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2010-3190 Description A vulnerability in some versions of Microsoft Exchange could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Exchange could lead to remote code execution. The flaw lies in the Server component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24246 - (MSPT-Oct2018) Microsoft Windows Hyper-V Remote Code Execution (CVE-2018-8489) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8489 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system. 24247 - (MSPT-Oct2018) Microsoft Windows Hyper-V Remote Code Execution (CVE-2018-8490) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8490 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system. 24259 - (MSPT-Oct2018) Microsoft Internet Explorer Improperly Access Objects in Memory Remote Code Execution Vulnerability (CVE-2018-849 Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8491 Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. The flaw lies in the Improperly Access Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24260 - (MSPT-Oct2018) Microsoft Internet Explorer Improperly Accesses Objects in Memory Remote Code Execution Vulnerability (CVE-2018-8 Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8460 Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. The flaw lies in the Improperly Accesses Objects in Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system. 24263 - (MSPT-Oct2018) Microsoft Windows Shell Handles URIs Remote Code Execution (CVE-2018-8495) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8495 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Shell Handles URIs component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24269 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8510) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-8510 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 24270 - (MSPT-Oct2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-8511) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES