JPCERT-AT-2018-0051
JPCERT/CC
2018-12-20
Details on the vulnerability can be found at the following URL:
CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8653
- KB4483187, KB4483230, KB4483234, KB4483235, KB4483232, KB4483228
KB4483229
Internet Explorer 11
- Windows 10 Version 1703 for 32-bit Systems (KB4483230)
- Windows 10 Version 1703 for x64-based Systems (KB4483230)
- Windows 10 Version 1803 for 32-bit Systems (KB4483234)
- Windows 10 Version 1803 for x64-based Systems (KB4483234)
- Windows 10 Version 1803 for ARM64-based Systems (KB4483234)
- Windows 10 Version 1809 for 32-bit Systems (KB4483235)
- Windows 10 Version 1809 for x64-based Systems (KB4483235)
- Windows 10 Version 1809 for ARM64-based Systems (KB4483235)
- Windows Server 2019 (KB4483235)
- Windows 10 Version 1709 for 32-bit Systems (KB4483232)
- Windows 10 Version 1709 for 64-based Systems (KB4483232)
- Windows 10 Version 1709 for ARM64-based Systems (KB4483232)
- Windows 10 for 32-bit Systems (KB4483228)
- Windows 10 for x64-based Systems (KB4483228)
- Windows 10 Version 1607 for 32-bit Systems (KB4483229)
- Windows 10 Version 1607 for x64-based Systems (KB4483229)
- Windows Server 2016 (KB4483229)
- Windows 7 for 32-bit Systems Service Pack 1 (KB4483187)
- Windows 7 for x64-based Systems Service Pack 1 (KB4483187)
- Windows 8.1 for 32-bit systems (KB4483187)
- Windows 8.1 for x64-based systems (KB4483187)
- Windows RT 8.1 (KB4483187)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB4483187)
- Windows Server 2012 R2 (KB4483187)
Internet Explorer 10
- Windows Server 2012 (KB4483187)
Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2 (KB4483187)
- Windows Server 2008 for x64-based Systems Service Pack 2 (KB4483187)
Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Microsoft has released workarounds for this vulnerability.According to Microsoft, since this vulnerability is affected when jscript is used as a script engine, the vulnerability can be mitigated by restricting access to the JScript.dll file. Please test the effects that the workarounds may cause prior to applying the workarounds, as this may affect certain websites that utilize jscript as the scripting engine.
Microsoft Corporation
CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8653
Microsoft Corporation
December 2018 Security Update Release
https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/
Microsoft Corporation
Microsoft Security Updates for December 2018 (Monthly) (Japanese)
https://blogs.technet.microsoft.com/jpsecurity/2018/12/12/201812-security-updates/
CERT/CC Vulnerability Note VU#573168
Microsoft Internet Explorer scripting engine JScript memory corruption vulnerability
https://www.kb.cert.org/vuls/id/573168/
Japan Vulnerability Notes JVNVU#91880486
Internet Explorer scripting engine JScript memory corruption vulnerability (Japanese)
https://jvn.jp/vu/JVNVU91880486/
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-6271-8901 FAX: +81-3-6271-8908
https://www.jpcert.or.jp/english/
JPCERT/CC
2018-12-20
I. Overview
Microsoft has released Security Updates regarding vulnerability(CVE-2018-8653) in Microsoft Internet Explorer. This contains updates that are rated as "critical". Remote attackers leveraging this vulnerability may be able to execute arbitrary code. According to Microsoft, an exploit for the vulnerability already exists in the wild.Details on the vulnerability can be found at the following URL:
CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8653
- KB4483187, KB4483230, KB4483234, KB4483235, KB4483232, KB4483228
KB4483229
II. Affected Products
Affected products and versions are as follows:Internet Explorer 11
- Windows 10 Version 1703 for 32-bit Systems (KB4483230)
- Windows 10 Version 1703 for x64-based Systems (KB4483230)
- Windows 10 Version 1803 for 32-bit Systems (KB4483234)
- Windows 10 Version 1803 for x64-based Systems (KB4483234)
- Windows 10 Version 1803 for ARM64-based Systems (KB4483234)
- Windows 10 Version 1809 for 32-bit Systems (KB4483235)
- Windows 10 Version 1809 for x64-based Systems (KB4483235)
- Windows 10 Version 1809 for ARM64-based Systems (KB4483235)
- Windows Server 2019 (KB4483235)
- Windows 10 Version 1709 for 32-bit Systems (KB4483232)
- Windows 10 Version 1709 for 64-based Systems (KB4483232)
- Windows 10 Version 1709 for ARM64-based Systems (KB4483232)
- Windows 10 for 32-bit Systems (KB4483228)
- Windows 10 for x64-based Systems (KB4483228)
- Windows 10 Version 1607 for 32-bit Systems (KB4483229)
- Windows 10 Version 1607 for x64-based Systems (KB4483229)
- Windows Server 2016 (KB4483229)
- Windows 7 for 32-bit Systems Service Pack 1 (KB4483187)
- Windows 7 for x64-based Systems Service Pack 1 (KB4483187)
- Windows 8.1 for 32-bit systems (KB4483187)
- Windows 8.1 for x64-based systems (KB4483187)
- Windows RT 8.1 (KB4483187)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB4483187)
- Windows Server 2012 R2 (KB4483187)
Internet Explorer 10
- Windows Server 2012 (KB4483187)
Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2 (KB4483187)
- Windows Server 2008 for x64-based Systems Service Pack 2 (KB4483187)
III. Solution
Please apply the security update programs through Microsoft Update,Windows Update, etc. as soon as possible.Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Microsoft has released workarounds for this vulnerability.According to Microsoft, since this vulnerability is affected when jscript is used as a script engine, the vulnerability can be mitigated by restricting access to the JScript.dll file. Please test the effects that the workarounds may cause prior to applying the workarounds, as this may affect certain websites that utilize jscript as the scripting engine.
IV. References
Microsoft Corporation
CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8653
Microsoft Corporation
December 2018 Security Update Release
https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/
Microsoft Corporation
Microsoft Security Updates for December 2018 (Monthly) (Japanese)
https://blogs.technet.microsoft.com/jpsecurity/2018/12/12/201812-security-updates/
CERT/CC Vulnerability Note VU#573168
Microsoft Internet Explorer scripting engine JScript memory corruption vulnerability
https://www.kb.cert.org/vuls/id/573168/
Japan Vulnerability Notes JVNVU#91880486
Internet Explorer scripting engine JScript memory corruption vulnerability (Japanese)
https://jvn.jp/vu/JVNVU91880486/
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-6271-8901 FAX: +81-3-6271-8908
https://www.jpcert.or.jp/english/