Today Microsoft released regular patches fixing a total of 75 vulnerabilities. Among these Microsoft rated 14 CVEs as Critical and rest 61 as Important. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps.
This Patch Tuesday major critical vulnerabilities in browsers and browser-related technologies. Which includes four Remote Code Execution (RCE) vulnerabilities in the Microsoft Scripting Engine and eight vulnerabilities in the Microsoft Chakra Scripting Engine. These vulnerabilities are due to the way “Scripting Engine” handles objects in memory. This would affect Microsoft browsers Edge and IE.
Microsoft released the additional update for Meltdown and Spectre vulnerabilities for Windows 7 and Windows 8.1 for 32 bit versions and mitigation’s for Windows Server 2008/2012.
There are no Zero day vulnerabilities, but Microsoft included security patches for vulnerabilities reported in Zero Day Initiative team blog. As per ZDI “all of these involve bugs with input sanitization that could allow cross-site scripting (XSS) attacks,”.
In-The-Wild and Disclosed vulnerability (CVE-2018-0808):
A denial of service vulnerability exists in ASP.NET Core when handling the web requests. Successful exploitation of this vulnerability could allow an attacker cause a denial of service against an ASP.NET Core web application.
Microsoft Exchange Elevation of Privilege Vulnerability (CVE-2018-0940):
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly sanitize links. Successful exploitation of this vulnerability could allow an attacker to gain elevated privileges and could override the OWA interface with a fake login page.
CredSSP Remote Code Execution Vulnerability (CVE-2018-0886):
A remote code execution vulnerability exists in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.
March 2018 patch tuesday release consists of security updates for the following softwares:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Exchange Server
- ASP.NET Core
- .NET Core
- PowerShell Core
- ChakraCore
- Adobe Flash
Microsoft security bulletin summary for March 2018:
Product: Internet Explorer
CVE’s/Advisory: CVE-2018-0889, CVE-2018-0891, CVE-2018-0927, CVE-2018-0929, CVE-2018-0932, CVE-2018-0935, CVE-2018-0942
Severity: Critical
Impact: Remote Code Execution
KB’s: 4088776, 4088779, 4088782, 4088786, 4088787, 4088875, 4088876, 4088877, 4089187
Product: Microsoft Edge
CVE’s/Advisory: CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0876, CVE-2018-0879, CVE-2018-0891, CVE-2018-0893, CVE-2018-0927, CVE-2018-0930, CVE-2018-0931, CVE-2018-0932, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, CVE-2018-0937, CVE-2018-0939
Severity: Critical
Impact: Remote Code Execution
KB’s: 4088776, 4088779, 4088782, 4088786, 4088787
Product: Microsoft Windows
CVE’s/Advisory: CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0815, CVE-2018-0816, CVE-2018-0817, CVE-2018-0868, CVE-2018-0877, CVE-2018-0878, CVE-2018-0880, CVE-2018-0881, CVE-2018-0882, CVE-2018-0883, CVE-2018-0884, CVE-2018-0885, CVE-2018-0886, CVE-2018-0888, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901, CVE-2018-0902, CVE-2018-0904, CVE-2018-0926, CVE-2018-0977, CVE-2018-0983
Severity: Important
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KB’s: 4056564, 4073011, 4087398, 4088776, 4088779, 4088782, 4088786, 4088787, 4088827, 4088875, 4088876, 4088877, 4088878, 4088879, 4088880, 4089175, 4089229, 4089344, 4089453
Product: Microsoft Office and Microsoft Office Services and Web Apps
CVE’s/Advisory: CVE-2018-0903, CVE-2018-0907, CVE-2018-0909, CVE-2018-0910, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0919, CVE-2018-0921, CVE-2018-0922, CVE-2018-0923, CVE-2018-0944, CVE-2018-0947
Severity: Important
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KB’s: 3114416, 4011023, 4011234, 4011665, 4011673, 4011674, 4011675, 4011688, 4011692, 4011695, 4011705, 4011709, 4011714, 4011720, 4011721, 4011727, 4011730, 4018291, 4018293, 4018298, 4018304, 4018305, 4018309
Product: Microsoft Exchange Server
CVE’s/Advisory: CVE-2018-0924, CVE-2018-0940, CVE-2018-0941
Severity: Important
Impact: Elevation of Privilege, Information Disclosure
KB’s: 4073392, 4073537
Product: ASP.NET Core
CVE’s/Advisory: CVE-2018-0787, CVE-2018-0808
Severity: Important
Impact: Elevation of Privilege, Denial of Service
Product: .NET Core
CVE’s/Advisory: CVE-2018-0875
Severity: Important
Impact: Denial of Service
Product: PowerShell Core
CVE’s/Advisory: CVE-2018-0875
Severity: Important
Impact: Denial of Service
Product: ChakraCore
CVE’s/Advisory: CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0891, CVE-2018-0925, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, CVE-2018-0937, CVE-2018-0939
Severity: Critical
Impact: Information Disclosure, Remote Code Execution
Product: Adobe Flash
CVE’s/Advisory: ADV180006, CVE-2018-4919, CVE-2018-4920
Severity: Critical
Impact: Remote Code Execution
KB’s: 4088785
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.