Microsoft January 2018 Patch Tuesday

Microsoft, as expected included last weeks Meltdown/Spectre update in this months patch Tuesday. But note that in addition to these two flaws, we have a number of other "traditional" privilege escalation and even remote code execution flaws that are probably easier to exploit and should be treated probably with a higher priority. Regardless, I doubt that as many people will work overtime for these run of the mill flaws. For example:

CVE-2018-0788: A quick NVD search shows 15 different vulnerabilities for this Atmfd.dll. Some can even lead to code execution. But I doubt you will have this issue patched this week. Exploitation of CVE-2018-0788 can lead to code execution as administrator. Spectre/Meltdown only allow reading data.

CVE-2018-0773: An attacker may execute arbitrary code in the context of the user running the browser. Spectre, which was patched in many browser again only allows reading data.

and CVE-2018-0802, which is already being exploited.

So better get patching. It worked so well last month :)

January 2018 Security Updates

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity
.NET Security Feature Bypass Vulnerability
CVE-2018-0786	No	No	Less Likely	Less Likely	Important
.NET and .NET Core Denial Of Service Vulnerability
CVE-2018-0764	No	No	Unlikely	Unlikely	Important
ASP.NET Core Cross Site Request Forgery Vulnerabilty
CVE-2018-0785	No	No	Unlikely	Unlikely	Moderate
ASP.NET Core Elevation Of Privilege Vulnerability
CVE-2018-0784	No	No	Less Likely	Less Likely	Important
Guidance to mitigate speculative execution side-channel vulnerabilities
ADV180002	No	No	Less Likely	Less Likely	Important
January 2018 Adobe Flash Security Update
ADV180001	No	No	-	-	Critical
Microsoft Access Tampering Vulnerability
CVE-2018-0799	No	No	Unlikely	Unlikely	Important
Microsoft Color Management Information Disclosure Vulnerability
CVE-2018-0741	No	No	-	-	Important
Microsoft Edge Elevation of Privilege Vulnerability
CVE-2018-0803	No	No	-	-	Important
Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0766	No	No	Unlikely	Unlikely	Important
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-0796	No	No	Less Likely	Less Likely	Important
Microsoft Office Defense in Depth Update
ADV180003	No	No	-	-	None
Microsoft Office Memory Corruption Vulnerability
CVE-2018-0802	No	Yes	Unlikely	Unlikely	Important
CVE-2018-0798	No	No	Less Likely	Less Likely	Important
Microsoft Office Remote Code Execution Vulnerability
CVE-2018-0795	No	No	-	-	Important
Microsoft Office Remote Code Execution Vulnerability
CVE-2018-0801	No	No	Less Likely	Less Likely	Important
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2018-0791	No	No	Less Likely	Less Likely	Important
CVE-2018-0793	No	No	More Likely	More Likely	Important
Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability
CVE-2018-0790	No	No	Less Likely	Less Likely	Important
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0789	No	No	Less Likely	Less Likely	Important
Microsoft Word Memory Corruption Vulnerability
CVE-2018-0812	No	No	Unlikely	Unlikely	Important
CVE-2018-0797	No	No	Less Likely	Less Likely	Critical
Microsoft Word Remote Code Execution Vulnerability
CVE-2018-0805	No	No	Unlikely	Unlikely	Important
CVE-2018-0806	No	No	Unlikely	Unlikely	Important
CVE-2018-0807	No	No	Unlikely	Unlikely	Important
Microsoft Word Remote Code Execution Vulnerability
CVE-2018-0804	No	No	Unlikely	Unlikely	Low
CVE-2018-0792	No	No	Less Likely	Less Likely	Important
CVE-2018-0794	No	No	More Likely	More Likely	Important
OpenType Font Driver Elevation of Privilege Vulnerability
CVE-2018-0788	No	No	More Likely	More Likely	Important
OpenType Font Driver Information Disclosure Vulnerability
CVE-2018-0754	No	No	More Likely	More Likely	Important
SMB Server Elevation of Privilege Vulnerability
CVE-2018-0749	No	No	Less Likely	Less Likely	Important
Scripting Engine Information Disclosure Vulnerability
CVE-2018-0800	No	No	Less Likely	Less Likely	Critical
CVE-2018-0767	No	No	Unlikely	Unlikely	Critical
CVE-2018-0780	No	No	-	-	Critical
Scripting Engine Memory Corruption Vulnerability
CVE-2018-0773	No	No	-	-	Critical
CVE-2018-0774	No	No	-	-	Critical
CVE-2018-0781	No	No	Unlikely	Unlikely	Critical
CVE-2018-0758	No	No	-	-	Critical
CVE-2018-0762	No	No	More Likely	More Likely	Critical
CVE-2018-0768	No	No	Less Likely	Less Likely	Important
CVE-2018-0769	No	No	-	-	Critical
CVE-2018-0770	No	No	-	-	Critical
CVE-2018-0772	No	No	-	-	Critical
CVE-2018-0775	No	No	-	-	Critical
CVE-2018-0776	No	No	-	-	Critical
CVE-2018-0777	No	No	-	-	Critical
CVE-2018-0778	No	No	Unlikely	Unlikely	Critical
Scripting Engine Security Feature Bypass
CVE-2018-0818	No	No	Unlikely	Unlikely	Important
Spoofing Vulnerability in Microsoft Office for MAC
CVE-2018-0819	Yes	No	Less Likely	Less Likely	Important
Windows Elevation of Privilege Vulnerability
CVE-2018-0748	No	No	Less Likely	Less Likely	Important
CVE-2018-0751	No	No	Less Likely	Less Likely	Important
CVE-2018-0752	No	No	Less Likely	Less Likely	Important
CVE-2018-0744	No	No	More Likely	More Likely	Important
Windows GDI Information Disclosure Vulnerability
CVE-2018-0750	No	No	More Likely	More Likely	Important
Windows IPSec Denial of Service Vulnerability
CVE-2018-0753	No	No	-	-	Important
Windows Information Disclosure Vulnerability
CVE-2018-0746	No	No	More Likely	More Likely	Important
CVE-2018-0747	No	No	More Likely	More Likely	Important
CVE-2018-0745	No	No	More Likely	More Likely	Important
Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2018-0743	No	No	Less Likely	Less Likely	Important

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|

I will be teaching next: Defending Web Applications Security Essentials - SANS Munich July 2019

Johannes

3557 Posts
ISC Handler

Jan 10th 2018
1 year ago