January, 2018: Patch Tuesday: Spectre, Meltdown, and an Office Zero Day

Welcome to the January Patch Tuesday Bulletin. This month we have 59 unique CVEs and advisories for the listed platforms. It is a very interesting start to the year, with an MS Office zero day and two branded vulnerabilities dubbed “Spectre” and “Meltdown”. CVE-2018-0802 resolves a vulnerability in MS Office that allows an attacker to execute code if a maliciously crafted document is opened. Test the update and make sure this vulnerability is remediated as soon as possible, since these types of attacks are often leveraged in phishing attempts against organizations. Microsoft has released security advisory ADV180002, which outlines recommended actions for Spectre/Meltdown and the impacts of the updates, and links to additional resources. Take care to review the guidance provided for Windows servers and clients. Perform thorough update testing this month, since there are reports that updates were causing significant issues in some cases.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia, which documents all of the Security Log event IDs for Windows Server OSes. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and usable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.


| Technology | Products Affected | Severity | Reference | Workaround/Exploited | Vulnerability Info |
| --- | --- | --- | --- | --- | --- |
| IE | IE 9, 10, 11 | Critical | CVE-2018-0762, CVE-2018-0772, ADV180002 | *Workaround: No; **Exploited: No | Information Disclosure, Remote Code Execution |
| Edge | Microsoft Edge | Critical | CVE-2018-0758, CVE-2018-0762, CVE-2018-0766, CVE-2018-0767, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, CVE-2018-0780, CVE-2018-0781, CVE-2018-0800, CVE-2018-0803, ADV180002 | *Workaround: No; **Exploited: No | Information Disclosure, Remote Code Execution, Elevation of Privilege |
| Windows | Windows 7, 8.1, 10; Server 2008, 2008 R2, 2012, 2012 R2, 2016 | Important | CVE-2018-0741, CVE-2018-0743, CVE-2018-0744, CVE-2018-0745, CVE-2018-0746, CVE-2018-0747, CVE-2018-0748, CVE-2018-0749, CVE-2018-0750, CVE-2018-0751, CVE-2018-0752, CVE-2018-0753, CVE-2018-0754, CVE-2018-0788, ADV180002 | *Workaround: No; **Exploited: No | Information Disclosure, Elevation of Privilege, Denial of Service |
| Office, Office Services, and Web Apps | Office 2007, 2010, 2013, 2016; Excel 2007, 2010, 2013, 2016; Outlook 2007, 2010, 2013, 2016; SharePoint Server 2010, 2013, 2016; Word 2007, 2010, 2013, 2016 | Critical | CVE-2018-0789, CVE-2018-0790, CVE-2018-0791, CVE-2018-0792, CVE-2018-0793, CVE-2018-0794, CVE-2018-0795, CVE-2018-0796, CVE-2018-0797, CVE-2018-0798, CVE-2018-0799, CVE-2018-0801, CVE-2018-0802**, CVE-2018-0804, CVE-2018-0805, CVE-2018-0806, CVE-2018-0807, CVE-2018-0812, CVE-2018-0819 | *Workaround: No; **Exploited: Yes | Spoofing, Information Disclosure, Remote Code Execution, Tampering |
| SQL Server | Server 2008, 2016, 2017 | Important | ADV180002 | *Workaround: No; **Exploited: No | Information Disclosure |
| ChakraCore | ChakraCore | Critical | CVE-2018-0758, CVE-2018-0762, CVE-2018-0767, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, CVE-2018-0780, CVE-2018-0781, CVE-2018-0800, CVE-2018-0818 | *Workaround: No; **Exploited: No | Remote Code Execution, Information Disclosure, Security Feature Bypass |
| .NET | .NET Core 1.0, 1.1, 2.0; .NET Framework 2.0, 3.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.2, 4.7, 4.7.1 | Important | CVE-2018-0764, CVE-2018-0784, CVE-2018-0785, CVE-2018-0786 | *Workaround: No; **Exploited: No | Denial of Service, Elevation of Privilege, Tampering, Security Feature Bypass |
| ASP.NET Core | ASP.NET Core 2.0 | Important | CVE-2018-0784, CVE-2018-0785 | *Workaround: No; **Exploited: No | Elevation of Privilege, Tampering |
| Adobe Flash | Windows 8.1, 8.1 RT, 10; Server 2012, 2012 R2 | Critical | ADV180001 | *Workaround: No; **Exploited: No | Remote Code Execution |

