Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4056896
HistoryJan 03, 2018 - 8:00 a.m.

January 4, 2018—KB4056896 (Monthly Rollup)

2018-01-0308:00:00
Microsoft
support.microsoft.com
58

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.085 Low

EPSS

Percentile

94.4%

JSON

January 4, 2018—KB4056896 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4054520(released December 12, 2017) and addresses the following issues:

  • Security updates to Windows SMB Server, Windows Kernel, Windows Datacenter Networking, Windows Graphics, and Internet Explorer.
    For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Symptom Workaround
When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions.When calling CoInitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL. This issue is resolved in KB4057402.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4056896.

Related

nessus 10
mskb 17
openvas 9
kaspersky 3
prion 24
cve 24
cvelist 24
zdt 6
mscve 12
symantec 2
checkpoint_advisories 1
googleprojectzero 2
zdi 1
talosblog 1
trendmicroblog 1
osv 13
veracode 7
nessus
nessus
KB4056899: Windows Server 2012 January 2018 Security Update
2018-01-04 00:00:00
KB4056898: Windows 8.1 and Windows Server 2012 R2 January 2018 Security Update (Meltdown)(Spectre)
2018-01-04 00:00:00
KB4056897: Windows 7 and Windows Server 2008 R2 January 2018 Security Update (Meltdown)(Spectre)
2018-01-04 00:00:00
mskb
mskb
January 3, 2018—KB4056898 (Security-only update)
2018-01-03 08:00:00
January 8, 2018—KB4056895 (Monthly Rollup)
2018-01-03 08:00:00
January 3, 2018—KB4056899 (Security-only update)
2018-01-03 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4056899)
2018-01-04 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4056898)
2018-01-04 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4056893)
2018-01-04 00:00:00
kaspersky
kaspersky
KLA11165 Microsoft vulnerabilities in Microsoft Windows
2018-01-03 00:00:00
KLA11167 Multiple vulnerabilities in Microsoft Products (ESU)
2018-01-03 00:00:00
KLA11166 Multiple vunlerabilities in Microsoft Browsers
2018-01-03 00:00:00
prion
prion
Privilege escalation
2018-01-04 14:29:00
Privilege escalation
2018-01-04 14:29:00
Information disclosure
2018-01-04 14:29:00
cve
cve
CVE-2018-0751
2018-01-04 14:29:00
CVE-2018-0752
2018-01-04 14:29:00
CVE-2018-0745
2018-01-04 14:29:00
cvelist
cvelist
CVE-2018-0752
2018-01-03 00:00:00
CVE-2018-0751
2018-01-03 00:00:00
CVE-2018-0745
2018-01-03 00:00:00
zdt
zdt
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC
2018-01-06 00:00:00
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass Exploit
2018-01-11 00:00:00
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation Exploit
2018-01-11 00:00:00
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2018-01-03 08:00:00
Windows Elevation of Privilege Vulnerability
2018-01-03 08:00:00
Windows Elevation of Privilege Vulnerability
2018-01-03 08:00:00
symantec
symantec
Microsoft Windows Kernel CVE-2018-0746 Local Information Disclosure Vulnerability
2018-01-03 00:00:00
Microsoft Internet Explorer and Edge CVE-2018-0762 Remote Memory Corruption Vulnerability
2018-01-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Browser Scripting Engine Memory Corruption (CVE-2018-0762)
2018-01-04 00:00:00
googleprojectzero
googleprojectzero
Windows‌ ‌Exploitation‌ ‌Tricks:‌ ‌Spoofing‌ ‌Named‌ ‌Pipe‌ ‌Client‌ ‌PID‌
2019-09-25 00:00:00
Windows Kernel Logic Bug Class: Access Mode Mismatch in IO Manager
2019-03-14 00:00:00
zdi
zdi
Microsoft Chakra Memory Allocator Integer Overflow Remote Code Execution Vulnerability
2018-01-05 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - January 2018
2018-01-09 13:36:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 8, 2018
2018-01-12 15:09:44
osv
osv
CVE-2018-0781
2018-01-04 14:29:01
CVE-2018-0769
2018-01-04 14:29:00
CVE-2018-0768
2018-01-04 14:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-07-05 03:03:14
Remote Code Execution (RCE)
2018-07-05 01:12:57
Remote Code Execution (RCE)
2018-07-04 08:44:16

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.085 Low

EPSS

Percentile

94.4%

JSON
Related for KB4056896
nessus10mskb17openvas9kaspersky3prion24cve24cvelist24zdt6mscve12symantec2checkpoint_advisories1googleprojectzero2zdi1talosblog1trendmicroblog1osv13veracode7