Microsoft Monthly Security Update (Dec 2018)
Last Update Date:
4 Mar 2025
Release Date:
12 Dec 2018
8789
Views
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
Microsoft has released monthly security update for their products:
| Vulnerable Product | Severity | Impacts | Notes | Details (including CVE) |
| Browser |  Moderately Critical | Remote Code Execution | ||
| Developer Tools | Moderately Critical | Denial of Service Elevation of Privilege Remote Code Execution | ||
| Exchange Server | Moderately Critical | Data Manipulation | ||
| Microsoft Dynamics | Moderately Critical | Spoofing | ||
| Microsoft Office | Moderately Critical | Remote Code Execution Elevation of Privilege Information Disclosure | ||
| Windows | Moderately Critical | Elevation of Privilege Denial of Service Remote Code Execution Information Disclosure | Exploited in the wild (Local Exploit) [Updated on 2025-03-04] CVE-2018-8639 is being exploited in the wild. This vulnerability is a Win32k elevation of privilege flaw that local attackers logged into the target system can exploit to run arbitrary code in kernel mode. |
Number of 'Extremely Critical' product(s): 0
Number of 'Highly Critical' product(s): 0
Number of 'Moderately Critical' product(s): 6
Evaluation of overall 'Criticality Level': Moderately Critical
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
- Spoofing
- Data Manipulation
System / Technologies affected
- Browser
- Developer Tools
- Exchange Server
- Microsoft Dynamics
- Microsoft Office
- Windows
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued security updates for the products. Please refer to 'Details' column in the above table for details of individual product update or run software update.
Vulnerability Identifier
Source
Related Link
Share with