Microsoft January 2018 Patch Tuesday
Microsoft, as expected included last weeks Meltdown/Spectre update in this months patch Tuesday. But note that in addition to these two flaws, we have a number of other "traditional" privilege escalation and even remote code execution flaws that are probably easier to exploit and should be treated probably with a higher priority. Regardless, I doubt that as many people will work overtime for these run of the mill flaws. For example:
CVE-2018-0788: A quick NVD search shows 15 different vulnerabilities for this Atmfd.dll. Some can even lead to code execution. But I doubt you will have this issue patched this week. Exploitation of CVE-2018-0788 can lead to code execution as administrator. Spectre/Meltdown only allow reading data.
CVE-2018-0773: An attacker may execute arbitrary code in the context of the user running the browser. Spectre, which was patched in many browser again only allows reading data.
and CVE-2018-0802, which is already being exploited.
So better get patching. It worked so well last month :)
January 2018 Security Updates
Description | |||||
---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
.NET Security Feature Bypass Vulnerability | |||||
CVE-2018-0786 | No | No | Less Likely | Less Likely | Important |
.NET and .NET Core Denial Of Service Vulnerability | |||||
CVE-2018-0764 | No | No | Unlikely | Unlikely | Important |
ASP.NET Core Cross Site Request Forgery Vulnerabilty | |||||
CVE-2018-0785 | No | No | Unlikely | Unlikely | Moderate |
ASP.NET Core Elevation Of Privilege Vulnerability | |||||
CVE-2018-0784 | No | No | Less Likely | Less Likely | Important |
Guidance to mitigate speculative execution side-channel vulnerabilities | |||||
ADV180002 | No | No | Less Likely | Less Likely | Important |
January 2018 Adobe Flash Security Update | |||||
ADV180001 | No | No | - | - | Critical |
Microsoft Access Tampering Vulnerability | |||||
CVE-2018-0799 | No | No | Unlikely | Unlikely | Important |
Microsoft Color Management Information Disclosure Vulnerability | |||||
CVE-2018-0741 | No | No | - | - | Important |
Microsoft Edge Elevation of Privilege Vulnerability | |||||
CVE-2018-0803 | No | No | - | - | Important |
Microsoft Edge Information Disclosure Vulnerability | |||||
CVE-2018-0766 | No | No | Unlikely | Unlikely | Important |
Microsoft Excel Remote Code Execution Vulnerability | |||||
CVE-2018-0796 | No | No | Less Likely | Less Likely | Important |
Microsoft Office Defense in Depth Update | |||||
ADV180003 | No | No | - | - | None |
Microsoft Office Memory Corruption Vulnerability | |||||
CVE-2018-0802 | No | Yes | Unlikely | Unlikely | Important |
CVE-2018-0798 | No | No | Less Likely | Less Likely | Important |
Microsoft Office Remote Code Execution Vulnerability | |||||
CVE-2018-0795 | No | No | - | - | Important |
Microsoft Office Remote Code Execution Vulnerability | |||||
CVE-2018-0801 | No | No | Less Likely | Less Likely | Important |
Microsoft Outlook Remote Code Execution Vulnerability | |||||
CVE-2018-0791 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0793 | No | No | More Likely | More Likely | Important |
Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability | |||||
CVE-2018-0790 | No | No | Less Likely | Less Likely | Important |
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
CVE-2018-0789 | No | No | Less Likely | Less Likely | Important |
Microsoft Word Memory Corruption Vulnerability | |||||
CVE-2018-0812 | No | No | Unlikely | Unlikely | Important |
CVE-2018-0797 | No | No | Less Likely | Less Likely | Critical |
Microsoft Word Remote Code Execution Vulnerability | |||||
CVE-2018-0805 | No | No | Unlikely | Unlikely | Important |
CVE-2018-0806 | No | No | Unlikely | Unlikely | Important |
CVE-2018-0807 | No | No | Unlikely | Unlikely | Important |
Microsoft Word Remote Code Execution Vulnerability | |||||
CVE-2018-0804 | No | No | Unlikely | Unlikely | Low |
CVE-2018-0792 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0794 | No | No | More Likely | More Likely | Important |
OpenType Font Driver Elevation of Privilege Vulnerability | |||||
CVE-2018-0788 | No | No | More Likely | More Likely | Important |
OpenType Font Driver Information Disclosure Vulnerability | |||||
CVE-2018-0754 | No | No | More Likely | More Likely | Important |
SMB Server Elevation of Privilege Vulnerability | |||||
CVE-2018-0749 | No | No | Less Likely | Less Likely | Important |
Scripting Engine Information Disclosure Vulnerability | |||||
CVE-2018-0800 | No | No | Less Likely | Less Likely | Critical |
CVE-2018-0767 | No | No | Unlikely | Unlikely | Critical |
CVE-2018-0780 | No | No | - | - | Critical |
Scripting Engine Memory Corruption Vulnerability | |||||
CVE-2018-0773 | No | No | - | - | Critical |
CVE-2018-0774 | No | No | - | - | Critical |
CVE-2018-0781 | No | No | Unlikely | Unlikely | Critical |
CVE-2018-0758 | No | No | - | - | Critical |
CVE-2018-0762 | No | No | More Likely | More Likely | Critical |
CVE-2018-0768 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0769 | No | No | - | - | Critical |
CVE-2018-0770 | No | No | - | - | Critical |
CVE-2018-0772 | No | No | - | - | Critical |
CVE-2018-0775 | No | No | - | - | Critical |
CVE-2018-0776 | No | No | - | - | Critical |
CVE-2018-0777 | No | No | - | - | Critical |
CVE-2018-0778 | No | No | Unlikely | Unlikely | Critical |
Scripting Engine Security Feature Bypass | |||||
CVE-2018-0818 | No | No | Unlikely | Unlikely | Important |
Spoofing Vulnerability in Microsoft Office for MAC | |||||
CVE-2018-0819 | Yes | No | Less Likely | Less Likely | Important |
Windows Elevation of Privilege Vulnerability | |||||
CVE-2018-0748 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0751 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0752 | No | No | Less Likely | Less Likely | Important |
CVE-2018-0744 | No | No | More Likely | More Likely | Important |
Windows GDI Information Disclosure Vulnerability | |||||
CVE-2018-0750 | No | No | More Likely | More Likely | Important |
Windows IPSec Denial of Service Vulnerability | |||||
CVE-2018-0753 | No | No | - | - | Important |
Windows Information Disclosure Vulnerability | |||||
CVE-2018-0746 | No | No | More Likely | More Likely | Important |
CVE-2018-0747 | No | No | More Likely | More Likely | Important |
CVE-2018-0745 | No | No | More Likely | More Likely | Important |
Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||
CVE-2018-0743 | No | No | Less Likely | Less Likely | Important |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments