February 2018 Microsoft (and Adobe) Patch Tuesday
I will update this diary as additional bulletins are released. Microsoft marked adobe's bulletin as "not yet exploited". However, according to Adobe and reports from the Korean Cert, one of the vulnerabilities has already been exploited, so I am marking it differently here, and assign it a "Patch Now" rating. Not much detail has been made public yet about this vulnerability, which is why I am leaving the "Disclosed" rating at "No".
Microsoft lists one more vulnerability, CVE-2018-0771, as already disclosed. I left the raiting at "Important" since this is just a security feature bypass.
The "SPECTRE" advisory (ADV180002) was originally released in January but underwent several updates since then. The latest version released today includes references to new updates released for Windows 10 (32-bit) . It also states that there is no release schedule for older versions of Windows, but that they are working on releasing updates for pre-Windows 10 operating systems.
February 2018 Security Updates
| Description | |||||
|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| February 2018 Adobe Flash Security Update | |||||
| ADV180004 | No | Yes | - | - | PATCH NOW |
| Guidance to mitigate speculative execution side-channel vulnerabilities (Spectre) | |||||
| ADV180002 | No | No | Less Likely | Less Likely | Important |
| Microsoft Edge Information Disclosure Vulnerability | |||||
| CVE-2018-0839 | No | No | - | - | Important |
| CVE-2018-0763 | No | No | - | - | Critical |
| Microsoft Edge Security Feature Bypass Vulnerability | |||||
| CVE-2018-0771 | Yes | No | - | - | Moderate |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2018-0841 | No | No | - | - | Important |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2018-0853 | No | No | Less Likely | Less Likely | Important |
| Microsoft Office Memory Corruption Vulnerability | |||||
| CVE-2018-0851 | No | No | More Likely | More Likely | Important |
| Microsoft Outlook Elevation of Privilege Vulnerability | |||||
| CVE-2018-0850 | No | No | Less Likely | Less Likely | Important |
| Microsoft Outlook Memory Corruption Vulnerability | |||||
| CVE-2018-0852 | No | No | Less Likely | Less Likely | Critical |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2018-0869 | No | No | - | - | Important |
| CVE-2018-0864 | No | No | Unlikely | Unlikely | Important |
| Named Pipe File System Elevation of Privilege Vulnerability | |||||
| CVE-2018-0823 | No | No | - | - | Important |
| Scripting Engine Memory Corruption Vulnerabilities | |||||
| CVE-2018-0834 | No | No | - | - | Critical |
| CVE-2018-0835 | No | No | - | - | Critical |
| CVE-2018-0836 | No | No | - | - | Important |
| CVE-2018-0837 | No | No | - | - | Critical |
| CVE-2018-0838 | No | No | - | - | Critical |
| CVE-2018-0840 | No | No | - | - | Critical |
| CVE-2018-0856 | No | No | - | - | Critical |
| CVE-2018-0857 | No | No | - | - | Critical |
| CVE-2018-0858 | No | No | - | - | Critical |
| CVE-2018-0859 | No | No | - | - | Critical |
| CVE-2018-0860 | No | No | - | - | Critical |
| CVE-2018-0861 | No | No | - | - | Critical |
| CVE-2018-0866 | No | No | More Likely | More Likely | Important |
| StructuredQuery Remote Code Execution Vulnerability | |||||
| CVE-2018-0825 | No | No | More Likely | More Likely | Critical |
| Windows AppContainer Elevation Of Privilege Vulnerability | |||||
| CVE-2018-0821 | No | No | More Likely | More Likely | Important |
| Windows Common Log File System Driver Elevation of Privilege Vulnerabilities | |||||
| CVE-2018-0844 | No | No | More Likely | More Likely | Important |
| CVE-2018-0846 | No | No | More Likely | More Likely | Important |
| Windows Denial of Service Vulnerability | |||||
| CVE-2018-0833 | No | No | - | - | Moderate |
| Windows EOT Font Engine Information Disclosure Vulnerabilities | |||||
| CVE-2018-0855 | No | No | - | - | Important |
| CVE-2018-0755 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0760 | No | No | More Likely | Less Likely | Important |
| CVE-2018-0761 | No | No | More Likely | Less Likely | Important |
| Windows Elevation of Privilege Vulnerability | |||||
| CVE-2018-0828 | No | No | Less Likely | Less Likely | Important |
| Windows Kernel Elevation of Privilege Vulnerabilities | |||||
| CVE-2018-0831 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0742 | No | No | More Likely | More Likely | Important |
| CVE-2018-0756 | No | No | More Likely | More Likely | Important |
| CVE-2018-0809 | No | No | More Likely | More Likely | Important |
| CVE-2018-0820 | No | No | More Likely | More Likely | Important |
| Windows Kernel Information Disclosure Vulnerabilities | |||||
| CVE-2018-0810 | No | No | - | - | Important |
| CVE-2018-0829 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0830 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0832 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0843 | No | No | - | - | Important |
| CVE-2018-0757 | No | No | Less Likely | Less Likely | Important |
| Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability | |||||
| CVE-2018-0822 | No | No | More Likely | More Likely | Important |
| Windows Remote Code Execution Vulnerability | |||||
| CVE-2018-0842 | No | No | More Likely | More Likely | Important |
| Windows Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2018-0847 | No | No | More Likely | More Likely | Important |
| Windows Security Feature Bypass Vulnerability | |||||
| CVE-2018-0827 | No | No | Less Likely | Less Likely | Important |
| Windows Storage Services Elevation of Privilege Vulnerability | |||||
| CVE-2018-0826 | No | No | More Likely | More Likely | Important |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments