Threat Level: green Handler on Duty: Lorna Hutcheson

SANS ISC: InfoSec Handlers Diary Blog - Microsoft March 2018 Patch Tuesday InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft March 2018 Patch Tuesday

Published: 2018-03-13
Last Updated: 2018-03-13 18:32:58 UTC
by Johannes Ullrich (Version: 1)
8 comment(s)

March 2018 Security Updates (Preliminary. Work in Progress)

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity
.NET Core Denial of Service Vulnerability
CVE-2018-0875 No No Less Likely Less Likely Important
ASP.NET Core Denial of Service Vulnerability
CVE-2018-0808 Yes No - - Important
ASP.NET Core Elevation of Privilege Vulnerability
CVE-2018-0787 No No - - Important
CNG Security Feature Bypass Vulnerability
CVE-2018-0902 No No Less Likely Less Likely Important
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0930 No No - - Critical
CVE-2018-0931 No No - - Critical
CVE-2018-0933 No No - - Critical
CVE-2018-0934 No No - - Critical
CVE-2018-0936 No No - - Critical
CVE-2018-0937 No No - - Critical
CVE-2018-0872 No No - - Critical
CVE-2018-0873 No No - - Important
CVE-2018-0874 No No - - Critical
CredSSP Remote Code Execution Vulnerability
CVE-2018-0886 No No Less Likely Less Likely Important
Hyper-V Information Disclosure Vulnerability
CVE-2018-0888 No No Less Likely Less Likely Important
Internet Explorer Elevation of Privilege Vulnerability
CVE-2018-0942 No No - - Important
Internet Explorer Information Disclosure Vulnerability
CVE-2018-0929 No No More Likely More Likely Important
March 2018 Adobe Flash Security Update
ADV180006 No No - - Critical
Microsoft Access Remote Code Execution Vulnerability
CVE-2018-0903 No No Less Likely Less Likely Important
Microsoft Browser Information Disclosure Vulnerability
CVE-2018-0927 No No More Likely More Likely Important
CVE-2018-0932 No No - - Critical
Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0879 No No - - Important
Microsoft Exchange Elevation of Privilege Vulnerability
CVE-2018-0940 Yes No Unlikely Unlikely Important
Microsoft Exchange Information Disclosure Vulnerability
CVE-2018-0924 No No Unlikely Unlikely Low
CVE-2018-0941 No No Unlikely Unlikely Important
Microsoft Office Excel Security Feature Bypass
CVE-2018-0907 No No More Likely More Likely Important
Microsoft Office Information Disclosure Vulnerability
CVE-2018-0919 No No More Likely More Likely Important
Microsoft Office Memory Corruption Vulnerability
CVE-2018-0922 No No - - Important
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0909 No No Less Likely Less Likely Important
CVE-2018-0910 No No Less Likely Less Likely Important
CVE-2018-0911 No No Less Likely Less Likely Important
CVE-2018-0912 No No Less Likely Less Likely Important
CVE-2018-0913 No No Less Likely Less Likely Important
CVE-2018-0914 No No Less Likely Less Likely Important
CVE-2018-0915 No No Less Likely Less Likely Important
CVE-2018-0916 No No Less Likely Less Likely Important
CVE-2018-0917 No No - - Important
CVE-2018-0921 No No - - Important
CVE-2018-0923 No No Less Likely Less Likely Important
CVE-2018-0944 No No Less Likely Less Likely Important
Microsoft Sharepoint Elevation of Privilege Vulnerability
CVE-2018-0947 No No Less Likely Less Likely Important
Microsoft Video Control Elevation of Privilege Vulnerability
CVE-2018-0881 No No Less Likely Less Likely Important
Scripting Engine Information Disclosure Vulnerability
CVE-2018-0891 No No More Likely More Likely Important
CVE-2018-0939 No No - - Critical
Scripting Engine Memory Corruption Vulnerability
CVE-2018-0889 No No More Likely More Likely Critical
CVE-2018-0893 No No - - Critical
CVE-2018-0935 No No More Likely More Likely Important
CVE-2018-0876 No No - - Critical
CVE-2018-0925 No No - - Critical
Win32k Elevation of Privilege Vulnerability
CVE-2018-0977 No No More Likely More Likely Important
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2018-0880 No No Less Likely Less Likely Important
CVE-2018-0882 No No - - Important
Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
CVE-2018-0877 No No Less Likely Less Likely Important
Windows GDI Elevation of Privilege Vulnerability
CVE-2018-0816 No No - - Important
CVE-2018-0817 No No More Likely More Likely Important
CVE-2018-0815 No No - - Important
Windows Hyper-V Denial of Service Vulnerability
CVE-2018-0885 No No Less Likely Less Likely Important
Windows Installer Elevation of Privilege Vulnerability
CVE-2018-0868 No No Less Likely Less Likely Important
Windows Kernel Information Disclosure Vulnerability
CVE-2018-0811 No No More Likely More Likely Important
CVE-2018-0894 No No More Likely More Likely Important
CVE-2018-0895 No No More Likely More Likely Important
CVE-2018-0896 No No More Likely More Likely Important
CVE-2018-0897 No No More Likely More Likely Important
CVE-2018-0898 No No More Likely More Likely Important
CVE-2018-0899 No No More Likely More Likely Important
CVE-2018-0900 No No More Likely More Likely Important
CVE-2018-0901 No No More Likely More Likely Important
CVE-2018-0926 No No More Likely More Likely Important
CVE-2018-0813 No No More Likely More Likely Important
CVE-2018-0814 No No More Likely More Likely Important
CVE-2018-0904 No No More Likely More Likely Important
Windows Remote Assistance Information Disclosure Vulnerability
CVE-2018-0878 No No Less Likely Less Likely Important
Windows Security Feature Bypass Vulnerability
CVE-2018-0884 No No Less Likely Less Likely Important
Windows Shell Remote Code Execution Vulnerability
CVE-2018-0883 No No More Likely More Likely Important
Windows Storage Services Elevation of Privilege Vulnerability
CVE-2018-0983 No No More Likely More Likely Important

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

Keywords:
8 comment(s)
Diary Archives