Microsoft CVE-2018-0950: Microsoft Office Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email. A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password. The security update addresses the vulnerability by correcting how Office processes OLE objects.
Solution(s)
- msft-kb4018347-06cc22a2-1001-42da-8739-68396fc0d67f
- msft-kb4018347-7f47c53b-db37-494f-8101-29e3541b353c
- msft-kb4018354-6f83ae0a-b693-4ae2-a6fd-ab40d06efe99
- msft-kb4018355-117b0737-185c-48a6-a0f1-c2793a9d1841
- msft-kb4018357-207130f6-3078-4c1f-9cb9-0174168aaf66
- msft-kb4018357-5d4a2663-13d8-4338-bc0e-0b0c56f133bb
- msft-kb4018359-3787da0b-ce95-4911-a5df-1c7e262aa4b4
- msft-kb4018359-6dafe5bd-f78e-4cde-bb3d-a610c31185f7
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center