Microsoft Patch Tuesday : February 2018

This month’s Patch Tuesday has seen Microsoft pushing out fixes for 55 vulnerabilities in Windows, Office, Internet Explorer, Edge and Adobe Flash Player.

Earlier Microsoft had released an out-of-band update for the Zero-day vulnerabilities which had affected Adobe Flash Player as these vulnerabilities were actively exploited in the wild. Two critical flaws of MS Outlook were also addressed, while Microsoft has re-released the updates for SPECTRE.

Severity: Critical

CVE	Disclosed	Exploited	Product
ADV180004	No	Yes	February 2018 Adobe Flash Security Update
CVE 2018-0763	No	No	Microsoft Edge Information Disclosure Vulnerability
CVE 2018-0852	No	No	Microsoft Outlook Memory Corruption Vulnerability
CVE 2018-0834	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0835	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0837	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0838	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0840	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0856	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0857	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0858	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0859	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0860	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0861	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0825	No	No	StructuredQuery Remote Code Execution Vulnerability

Severity: Important

CVE	Disclosed	Exploited	Product
ADV180002	No	No	Guidance to mitigate speculative execution side-channel vulnerabilities (Spectre)
CVE 2018-0839	No	No	Microsoft Edge Information Disclosure Vulnerability
CVE 2018-0841	No	No	Microsoft Excel Remote Code Execution Vulnerability
CVE 2018-0853	No	No	Microsoft Office Information Disclosure Vulnerability
CVE 2018-0851	No	No	Microsoft Office Memory Corruption Vulnerability
CVE 2018-0850	No	No	Microsoft Outlook Elevation of Privilege Vulnerability
CVE 2018-0864	No	No	Microsoft SharePoint Elevation of Privilege Vulnerability
CVE 2018-0869	No	No	Microsoft SharePoint Elevation of Privilege Vulnerability
CVE 2018-0823	No	No	Named Pipe File System Elevation of Privilege Vulnerability
CVE 2018-0836	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0866	No	No	Scripting Engine Memory Corruption Vulnerabilities
CVE 2018-0821	No	No	Windows AppContainer Elevation Of Privilege Vulnerability
CVE 2018-0844	No	No	Windows Common Log File System Driver Elevation of Privilege Vulnerabilities
CVE 2018-0846	No	No	Windows Common Log File System Driver Elevation of Privilege Vulnerabilities
CVE 2018-0828	No	No	Windows Elevation of Privilege Vulnerability
CVE 2018-0755	No	No	Windows EOT Font Engine Information Disclosure Vulnerabilities
CVE 2018-0760	No	No	Windows EOT Font Engine Information Disclosure Vulnerabilities
CVE 2018-0761	No	No	Windows EOT Font Engine Information Disclosure Vulnerabilities
CVE 2018-0855	No	No	Windows EOT Font Engine Information Disclosure Vulnerabilities
CVE 2018-0742	No	No	Windows Kernel Elevation of Privilege Vulnerabilities
CVE 2018-0756	No	No	Windows Kernel Elevation of Privilege Vulnerabilities
CVE 2018-0809	No	No	Windows Kernel Elevation of Privilege Vulnerabilities
CVE 2018-0820	No	No	Windows Kernel Elevation of Privilege Vulnerabilities
CVE 2018-0831	No	No	Windows Kernel Elevation of Privilege Vulnerabilities
CVE 2018-0757	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0810	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0829	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0830	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0832	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0843	No	No	Windows Kernel Information Disclosure Vulnerabilities
CVE 2018-0822	No	No	Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability
CVE 2018-0842	No	No	Windows Remote Code Execution Vulnerability
CVE 2018-0847	No	No	Windows Scripting Engine Memory Corruption Vulnerability
CVE 2018-0827	No	No	Windows Security Feature Bypass Vulnerability
CVE 2018-0826	No	No	Windows Storage Services Elevation of Privilege Vulnerability

Severity: Moderate

CVE	Disclosed	Exploited	Product
CVE 2018-0771	Yes	No	Microsoft Edge Security Feature Bypass Vulnerability
CVE 2018-0833	No	No	Windows Denial of Service Vulnerability

The Rise of Malicious Crypto-Currency Mining Operations

Cyber Security Preview of the Week

Related Articles

Newsletter

Popular Posts

Preyed to Pay: Video Traps

Disclosure : Router based DNS MITM Attack

‘Work From Home’ Scams – A Business of Fake Opportunities

Archives

Categories