{"id":1402,"date":"2018-06-20T17:26:05","date_gmt":"2018-06-20T17:26:05","guid":{"rendered":"http:\/\/blog.nsfocusglobal.com\/?p=1402"},"modified":"2018-06-20T17:26:05","modified_gmt":"2018-06-20T17:26:05","slug":"nsfocus-weekly-cybersecurity-report","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/nsfocus-weekly-cybersecurity-report\/","title":{"rendered":"NSFOCUS Weekly Cybersecurity Report"},"content":{"rendered":"<p>(Report ID: 201824)<\/p>\n<h2><\/h2>\n<h2>Internet Threat Status<\/h2>\n<h3><span style=\"font-family: DejaVu Sans;\"><span style=\"font-size: medium;\"><span style=\"color: #000000;\">CVE <\/span><\/span><span style=\"color: #000000; font-size: medium;\">Statistics<\/span><\/span><\/h3>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Increase-of-CVE-IDs.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-1404\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Increase-of-CVE-IDs.png\" alt=\"\" width=\"577\" height=\"298\" \/><\/a><\/p>\n<p>Last week we saw a slight increase in the total entries of CVE IDs.<\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-family: DejaVu Sans;\"><span style=\"color: #000000; font-size: medium;\">Threat Review<\/span><\/span><\/h3>\n<h4>New &#8216;Lazy FP State Restore&#8217; Vulnerability Found in All Modern Intel CPUs<\/h4>\n<p>Date: 06-13-2018<\/p>\n<p>Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor&#8217;s speculative execution technology\u2014like Specter and Meltdown\u2014and could potentially be exploited to access sensitive information, including encryption related data.<\/p>\n<p>Reference:\u00a0<a href=\"https:\/\/thehackernews.com\/2018\/06\/intel-processor-vulnerability.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29\">https:\/\/thehackernews.com\/2018\/06\/intel-processor-vulnerability.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29<\/a><\/p>\n<h4>Dixons Carphone breach: Millions of card and user data compromised<\/h4>\n<p>Date: 06-13-2018<\/p>\n<p>Description: A prominent United Kingdom-based retailer has suffered a massive data breach in which personal and financial data of millions of customers have been compromised.<\/p>\n<p>Reference:\u00a0\u00a0\u00a0\u00a0 <a href=\"https:\/\/www.hackread.com\/dixons-carphone-breach-card-user-datacompromised\/\">https:\/\/www.hackread.com\/dixons-carphone-breach-card-user-datacompromised\/<\/a><\/p>\n<h4>\u00a0Amazon Fire TV &amp; Fire TV Stick hit by crypto mining Android malware<\/h4>\n<p>Date: 06-12-2018<\/p>\n<p>Description: A traditional malware aims at stealing user data or keeps an eye on victim\u2019s online activities whereas depending on its capabilities a crypto mining malware not only steals data but also uses computing power (CPU) of victim\u2019s PC to mine cryptocurrency and slow down its performance.<\/p>\n<p>Reference:\u00a0\u00a0<a href=\"https:\/\/www.hackread.com\/amazon-fire-tv-fire-tv-stick-crypto-miningandroid-\">https:\/\/www.hackread.com\/amazon-fire-tv-fire-tv-stick-crypto-miningandroid-<\/a><\/p>\n<h4>Signature Validation Bug Let Malware Bypass Several Mac Security Products<\/h4>\n<p>Date: 06-12-2018<\/p>\n<p>Description: A years-old vulnerability has been discovered in the way several security products for Mac implement Apple&#8217;s code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers.<\/p>\n<p>Reference:\u00a0\u00a0 <a href=\"https:\/\/thehackernews.com\/2018\/06\/apple-mac-code-signing.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29\">https:\/\/thehackernews.com\/2018\/06\/apple-mac-code-signing.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29<\/a><\/p>\n<h4>US debuts world&#8217;s fastest supercomputer<\/h4>\n<p>Date: 06-11-2018<\/p>\n<p>Description: The machine can process 200,000 trillion calculations per second &#8211; or 200 petaflops. China&#8217;s Sunway TaihuLight supercomputer, until now the world&#8217;s most powerful machine, has a processing power of 93 petaflops.<\/p>\n<p>Reference:\u00a0\u00a0 <a href=\"http:\/\/www.bbc.com\/news\/technology-44439515\">https:\/\/www.bbc.com\/news\/technology-44439515<\/a><\/p>\n<p>(Compiled by: NSFOCUS TI &amp; Cybersecurity Lab)<\/p>\n<h3>Vulnerability Research<\/h3>\n<h4>Updates of NSFOCUS&#8217;s Vulnerability Database<\/h4>\n<p>As of 15 June 2018, there have been 40,102 vulnerabilities in NSFOCUS&#8217;s vulnerability database. Among 64 vulnerabilities that were newly-added last week, 63 were high-risk ones, one was of medium severity, and there was no low-risk vulnerability.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Vulnerability-Increase-in-NSFOCUSs-Database.png\"><img decoding=\"async\" class=\"alignnone size-full wp-image-1405\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Vulnerability-Increase-in-NSFOCUSs-Database.png\" alt=\"\" width=\"517\" height=\"340\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Vulnerability-Increase-in-NSFOCUSs-Database.png 517w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Weekly-Vulnerability-Increase-in-NSFOCUSs-Database-300x197.png 300w\" sizes=\"(max-width: 517px) 100vw, 517px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database.png\"><img decoding=\"async\" class=\"alignnone size-full wp-image-1406\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database.png\" alt=\"\" width=\"515\" height=\"372\" \/><\/a><\/p>\n<p>Adobe Flash Player Out-of-bounds Read Vulnerability (CVE-2018-5001)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104413<\/li>\n<li>CVE ID: CVE-2018-5001<\/li>\n<\/ul>\n<p>Adobe Flash Player Integer Overflow Vulnerability (CVE-2018-5000)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104413<\/li>\n<li>CVE ID: CVE-2018-5000<\/li>\n<\/ul>\n<p>Adobe Flash Player Type Confusion Vulnerability (CVE-2018-4945)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104413<\/li>\n<li>CVE ID: CVE-2018-4945<\/li>\n<\/ul>\n<p>Adobe Flash Player Stack-based Buffer Overflow Vulnerability (CVE-2018-5002)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104412<\/li>\n<li>CVE ID: CVE-2018-5002<\/li>\n<\/ul>\n<p>Cisco Meeting Server Information Disclosure Vulnerability (CVE-2018-0263)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104419<\/li>\n<li>CVE ID: CVE-2018-0263<\/li>\n<\/ul>\n<p>Multiple Cisco Products Disk Utilization Denial of Service Vulnerability (CVE-2017-6779)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>CVE ID: CVE-2017-6779<\/li>\n<\/ul>\n<p>Cisco AppDynamics App iQ Platform SQL Injection Vulnerability (CVE-2018-0225)<\/p>\n<ul>\n<li>Severity: Medium<\/li>\n<li>CVE ID: CVE-2018-0225<\/li>\n<\/ul>\n<p>Cisco IP Phone 6800\/7800\/8800 Series with Multiplatform Firmware Denail of Service Vulnerability (CVE-2018-0316)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>CVE ID: CVE-2018-0316<\/li>\n<\/ul>\n<p>Cisco IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0315)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104410<\/li>\n<li>CVE ID: CVE-2018-0315<\/li>\n<\/ul>\n<p>Cisco Adaptive Security Appliance Denail of Service (CVE-2018-0296)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>CVE ID: CVE-2018-0296<\/li>\n<\/ul>\n<p>Cisco Network Services Orchestrator Arbitray Command Execution Vulnerability (CVE-2018-0274)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>CVE ID: CVE-2018-0274<\/li>\n<\/ul>\n<p>Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability(CVE-2018-0317)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104432<\/li>\n<li>CVE ID: CVE-2018-0317<\/li>\n<\/ul>\n<p>Cisco Prime Collaboration ProvisioningUnauthorized Password Reset Vulnerability(CVE-2018-0318)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104434<\/li>\n<li>CVE ID: CVE-2018-0318<\/li>\n<\/ul>\n<p>Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8110)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104330<\/li>\n<li>CVE ID: CVE-2018-8110<\/li>\n<\/ul>\n<p>Cisco Prime Collaboration ProvisioningUnauthorized Password Recovery Vulnerability (CVE-2018-0319)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104431<\/li>\n<li>CVE ID: CVE-2018-0319<\/li>\n<\/ul>\n<p>Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8111)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104335<\/li>\n<li>CVE ID: CVE-2018-8111<\/li>\n<\/ul>\n<p>Microsoft Edge Remote Information Disclosure Vulnerability (CVE-2018-0871)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104339<\/li>\n<li>CVE ID: CVE-2018-0871<\/li>\n<\/ul>\n<p>Microsoft Remote Memory Corruption Vulnerability (CVE-2018-8236)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104336<\/li>\n<li>CVE ID: CVE-2018-8236<\/li>\n<\/ul>\n<p>Microsoft EdgeRemote Information Disclosure Vulnerability (CVE-2018-8234)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104340<\/li>\n<li>CVE ID: CVE-2018-8234<\/li>\n<\/ul>\n<p>Microsoft EdgeSecurity Bypass Vulnerability (CVE-2018-8235)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104343<\/li>\n<li>CVE ID: CVE-2018-8235<\/li>\n<\/ul>\n<p>Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8267)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104404<\/li>\n<li>CVE ID: CVE-2018-8267<\/li>\n<\/ul>\n<p>Microsoft Windows DNSAPI Remote Code Execution Vulnerability (CVE-2018-8225)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104395<\/li>\n<li>CVE ID: CVE-2018-8225<\/li>\n<\/ul>\n<p>Microsoft Windows Arbitray Code Execution Vulnerability (CVE-2018-8213)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104406<\/li>\n<li>CVE ID: CVE-2018-8213<\/li>\n<\/ul>\n<p>Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-8249)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104363<\/li>\n<li>CVE ID: CVE-2018-8249<\/li>\n<\/ul>\n<p>Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8243)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104403<\/li>\n<li>CVE ID: CVE-2018-8243<\/li>\n<\/ul>\n<p>Microsoft Windows &#8216;HTTP.sys&#8217; Remote Code Execution Vulnerability (CVE-2018-8231)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104373<\/li>\n<li>CVE ID: CVE-2018-8231<\/li>\n<\/ul>\n<p>Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8229)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>\u2029BID:104369<\/li>\n<li>CVE ID: CVE-2018-8229<\/li>\n<\/ul>\n<p>Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2018-8251)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104398<\/li>\n<li>CVE ID: CVE-2018-8251<\/li>\n<\/ul>\n<p>Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-0982)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104382<\/li>\n<li>CVE ID: CVE-2018-0982<\/li>\n<\/ul>\n<p>Microsoft Windows WebDAV Denial of Service Vulnerability (CVE-2018-8175)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104359<\/li>\n<li>CVE ID: CVE-2018-8175<\/li>\n<\/ul>\n<p>Microsoft Windows HIDParser Local Privilege Escalation Vulnerability (CVE-2018-8169)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104356<\/li>\n<li>CVE ID: CVE-2018-8169<\/li>\n<\/ul>\n<p>Microsoft Windows Cortana Local Privilege Escalation Vulnerability (CVE-2018-8140)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104354<\/li>\n<li>CVE ID: CVE-2018-8140<\/li>\n<\/ul>\n<p>Microsoft Windows Kernel LocalInformation Disclosure Vulnerability (CVE-2018-8121)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104380<\/li>\n<li>CVE ID: CVE-2018-8121<\/li>\n<\/ul>\n<p>Microsoft Internet Explorer Security Bypass Vulnerability (CVE-2018-8113)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104365<\/li>\n<li>CVE ID: CVE-2018-8113<\/li>\n<\/ul>\n<p>Microsoft Windows Code Integrity Module Denial of Service Vulnerability (CVE-2018-1040)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104389<\/li>\n<li>CVE ID: CVE-2018-1040<\/li>\n<\/ul>\n<p>Microsoft Windows NTFS Local Privilege Escalation Vulnerability (CVE-2018-1036)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104360<\/li>\n<li>CVE ID: CVE-2018-1036<\/li>\n<\/ul>\n<p>Microsoft Windows Desktop Bridge Local Privilege Escalation Vulnerability (CVE-2018-8208)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104392<\/li>\n<li>CVE ID: CVE-2018-8208<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8201)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104331<\/li>\n<li>CVE ID: CVE-2018-8201<\/li>\n<\/ul>\n<p>Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2018-8207)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104379<\/li>\n<li>CVE ID: CVE-2018-8207<\/li>\n<\/ul>\n<p>Microsoft WindowsLocal Denial of Service Vulnerability (CVE-2018-8205)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104391<\/li>\n<li>CVE ID: CVE-2018-8205<\/li>\n<\/ul>\n<p>Microsoft Windows Wireless Network Profile LocalInformation Disclosure Vulnerability (CVE-2018-8209)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104393<\/li>\n<li>CVE ID: CVE-2018-8209<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8221)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104338<\/li>\n<li>CVE ID: CVE-2018-8221<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8217)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104337<\/li>\n<li>CVE ID: CVE-2018-8217<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8216)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104334<\/li>\n<li>CVE ID: CVE-2018-8216<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8215)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104333<\/li>\n<li>CVE ID: CVE-2018-8215<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability(CVE-2018-8212)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104328<\/li>\n<li>CVE ID: CVE-2018-8212<\/li>\n<\/ul>\n<p>Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8211)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104326<\/li>\n<li>CVE ID: CVE-2018-8211<\/li>\n<\/ul>\n<p>Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8210)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104407<\/li>\n<li>CVE ID: CVE-2018-8210<\/li>\n<\/ul>\n<p>Microsoft Windows GDI Component Information Disclosure Vulnerability (CVE-2018-8239)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104401<\/li>\n<li>CVE ID: CVE-2018-8239<\/li>\n<\/ul>\n<p>Microsoft Office Remote Privilege Escalation Vulnerability (CVE-2018-8245)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104405<\/li>\n<li>CVE ID: CVE-2018-8245<\/li>\n<\/ul>\n<p>Microsoft Outlook Remote Privilege Escalation Vulnerability (CVE-2018-8244)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104323<\/li>\n<li>CVE ID: CVE-2018-8244<\/li>\n<\/ul>\n<p>Microsoft Office Remote Privilege Escalation Vulnerability (CVE-2018-8247)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104319<\/li>\n<li>CVE ID: CVE-2018-8247<\/li>\n<\/ul>\n<p>Microsoft Windows Desktop Bridge Local Privilege Escalation Vulnerability (CVE-2018-8214)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104394<\/li>\n<li>CVE ID: CVE-2018-8214<\/li>\n<\/ul>\n<p>Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8246)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104322<\/li>\n<li>CVE ID: CVE-2018-8246<\/li>\n<\/ul>\n<p>Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8248)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104318<\/li>\n<li>CVE ID: CVE-2018-8248<\/li>\n<\/ul>\n<p>Microsoft SharePoint Server Remote Privilege Escalation Vulnerability (CVE-2018-8252)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104317<\/li>\n<li>CVE ID: CVE-2018-8252<\/li>\n<\/ul>\n<p>Microsoft SharePoint Server Remote Privilege Escalation Vulnerability(CVE-2018-8254)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>\u00a0BID:104325<\/li>\n<li>CVE ID: CVE-2018-8254<\/li>\n<\/ul>\n<p>Microsoft Windows Hyper-V Code Integrity Privilege Escalation Vulnerability (CVE-2018-8219)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104353<\/li>\n<li>CVE ID: CVE-2018-8219<\/li>\n<\/ul>\n<p>Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8227)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104368<\/li>\n<li>CVE ID: CVE-2018-8227<\/li>\n<\/ul>\n<p>Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-0978)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104364<\/li>\n<li>CVE ID: CVE-2018-0978<\/li>\n<\/ul>\n<p>Microsoft Windows Hyper-VDenial of Service Vulnerability (CVE-2018-8218)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104402<\/li>\n<li>CVE ID: CVE-2018-8218<\/li>\n<\/ul>\n<p>Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-8224)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:10438<\/li>\n<li>CVE ID: CVE-2018-8224<\/li>\n<\/ul>\n<p>Microsoft Windows &#8216;HTTP.sys&#8217; Remote Denial of Service Vulnerability (CVE-2018-8226)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104361<\/li>\n<li>CVE ID: CVE-2018-8226<\/li>\n<\/ul>\n<p>Microsoft Windows Kernel &#8216;Win32k.sys&#8217;Local Privilege Escalation Vulnerability (CVE-2018-8233)<\/p>\n<ul>\n<li>Severity: Critical<\/li>\n<li>BID:104383<\/li>\n<li>CVE ID: CVE-2018-8233<\/li>\n<\/ul>\n<p>(Source: NSFOCUS Security Research Department &amp; Product Groups)<\/p>\n<p>&nbsp;<\/p>\n<h2><span style=\"color: #000000; font-family: DejaVu Sans; font-size: medium;\">Vulnerability in the Spotlight<\/span><\/h2>\n<h3>Adobe Flash Player Remote Code Execution Vulnerability<\/h3>\n<p>NSFOCUS ID: 40042<\/p>\n<p>CVE ID: CVE-2018-5002<\/p>\n<p>Affected Versions: Adobe Flash Player &lt;= 29.0.0.171<\/p>\n<p>Comment: Flash Player is a multimedia program player released by Adobe. A type confusion vulnerability was disclosed in Adobe Flash Player 29.0.0.171 and its earlier versions. This vulnerability could be exploited by attackers to execute arbitrary code. At present, attacks exploiting this vulnerability have appeared. Adobe has issued a security advisory (APSB18-19), together with corresponding patches. Users are advised to fix it as soon as possible.<\/p>\n<p>(Source: NSFOCUS Security Research &amp; Product Groups)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. &nbsp; Threat Review New &#8216;Lazy FP State Restore&#8217; Vulnerability Found in All Modern Intel CPUs Date: 06-13-2018 Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor&#8217;s [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7773,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[8,15],"tags":[],"class_list":["post-1402","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry-perspective","category-research-reports"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NSFOCUS Weekly Cybersecurity Report - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NSFOCUS Weekly Cybersecurity Report - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. &nbsp; Threat Review New\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-20T17:26:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"NSFOCUS Weekly Cybersecurity Report - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. &nbsp; Threat Review New\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"NSFOCUS Weekly Cybersecurity Report\",\"datePublished\":\"2018-06-20T17:26:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/\"},\"wordCount\":1522,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\",\"articleSection\":[\"Industry Perspective\",\"Research &amp; Reports\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/\",\"name\":\"NSFOCUS Weekly Cybersecurity Report - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\",\"datePublished\":\"2018-06-20T17:26:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png\",\"width\":515,\"height\":372,\"caption\":\"Line graph of NSFOCUS database entry changes.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-weekly-cybersecurity-report\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NSFOCUS Weekly Cybersecurity Report\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NSFOCUS Weekly Cybersecurity Report - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"NSFOCUS Weekly Cybersecurity Report - NSFOCUS","og_description":"(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. &nbsp; Threat Review New","og_url":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/","og_site_name":"NSFOCUS","article_published_time":"2018-06-20T17:26:05+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"NSFOCUS Weekly Cybersecurity Report - NSFOCUS","twitter_description":"(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. &nbsp; Threat Review New","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","twitter_misc":{"Escrito por":"admin","Est. tempo de leitura":"8 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"NSFOCUS Weekly Cybersecurity Report","datePublished":"2018-06-20T17:26:05+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/"},"wordCount":1522,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","articleSection":["Industry Perspective","Research &amp; Reports"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/","url":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/","name":"NSFOCUS Weekly Cybersecurity Report - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","datePublished":"2018-06-20T17:26:05+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/06\/Change-of-Total-Entries-in-NSFOCUSs-Vulnerability-Database-1.png","width":515,"height":372,"caption":"Line graph of NSFOCUS database entry changes."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/nsfocus-weekly-cybersecurity-report\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"NSFOCUS Weekly Cybersecurity Report"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/1402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=1402"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/1402\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/7773"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=1402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=1402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=1402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}