This valentine’s day Microsoft Security Bulletin February 2018 released security patches addressing a total of 50 security vulnerabilities in various Microsoft products along with additional patches for the Meltdown and Spectre vulnerabilities (ADV180002), as a part of regulr patch tuesday.
Among these 14 rated as Critical, 34 rated as Important and 2 rated as Moderate. These vulnerabilities impact Outlook, Edge, Scripting Engine, App Container, Windows, flash player and more.
There are no Zero day vulnerabilities, but Microsoft included security patches for South Korea’s CERT identified Adobe Flash Player critical vulnerability, which is exploited in wild starting of this month. More information about this vulnerability can be found here
In-The-Wild and Disclosed vulnerability(CVE-2018-0771):
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. Successful exploitation of this vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and send the restricted data. Microsoft released patch addressing this vulnerability before attackers take advantage of this vulnerability.
Microsoft Outlook Memory Corruption Vulnerability (CVE-2018-0852):
A remote code execution vulnerability exists in Microsoft Outlook, which fails to handle objects in memory properly. For successful exploitation, an attacker has to convince users to open or previews malicious email. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in the context of the logged in user.
In addition, Microsoft also released patches addressing 11 information disclosure and elevation of privilege vulnerabilities affecting the Windows kernel, which allows an attacker to gain SYSTEM-level privileges.
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- Adobe Flash
Product: Microsoft Edge
CVE’s/Advisory: CVE-2018-0763, CVE-2018-0771, CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0839, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861
Impact: Information Disclosure, Remote Code Execution, Security Feature Bypass
KB’s: 4074588, 4074590, 4074591, 4074592, 4074596
Product: Microsoft Windows
CVE’s/Advisory: ADV180005, CVE-2018-0742, CVE-2018-0755, CVE-2018-0756, CVE-2018-0757, CVE-2018-0760, CVE-2018-0761, CVE-2018-0809, CVE-2018-0810, CVE-2018-0820, CVE-2018-0821, CVE-2018-0822, CVE-2018-0823, CVE-2018-0825, CVE-2018-0826, CVE-2018-0827, CVE-2018-0828, CVE-2018-0829, CVE-2018-0830, CVE-2018-0831, CVE-2018-0832, CVE-2018-0833, CVE-2018-0842, CVE-2018-0843, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847, CVE-2018-0855
Impact: Defense in Depth, Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KB’s: 4034044, 4058165, 4073079, 4073080, 4074587, 4074588, 4074589, 4074590, 4074591, 4074592, 4074593, 4074594, 4074596, 4074597, 4074598, 4074603, 4074836, 4074851
Product: Microsoft Office and Microsoft Office Services and Web Apps
CVE’s/Advisory: CVE-2018-0841, CVE-2018-0850, CVE-2018-0851, CVE-2018-0852, CVE-2018-0853, CVE-2018-0864, CVE-2018-0869
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution
KB’s: 3114874, 3172459, 4011143, 4011200, 4011680, 4011682, 4011686, 4011690, 4011697, 4011701, 4011703, 4011707, 4011711, 4011715
CVE’s/Advisory: CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860
Impact: Remote Code Execution