Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
talosblog[email protected] (Nick Biasini)TALOSBLOG:826AA3C41E62C22CF612479CB5D49D8B
HistoryMar 13, 2018 - 2:38 p.m.

Microsoft Patch Tuesday - March 2018

2018-03-1314:38:00
[email protected] (Nick Biasini)
feedproxy.google.com
123

0.968 High

EPSS

Percentile

99.6%

JSON

Microsoft Patch Tuesday - March 2018

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 74 new vulnerabilities, with 14 of them rated critical and 59 of them rated important. These vulnerabilities impact Internet Explorer, Edge, Exchange, Scripting Engine, Windows Shell and more.

Critical Vulnerabilities

This month, Microsoft is addressing 14 vulnerabilities that are rated as critical.

The vulnerabilities rated as critical are listed below:

CVE-2018-0872 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0874 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0876 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0889 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0893 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0925 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0930 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0931 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0932 - Microsoft Browser Information Disclosure Vulnerability
CVE-2018-0933 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0934 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0936 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0937 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0939 - Scripting Engine Information Disclosure Vulnerability

Important Vulnerabilities

This month, Microsoft is addressing 59 vulnerabilities that are rated as important. Talos believes one of these is notable and should be called out.

CVE-2018-0883 - Windows Shell Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Windows Shell. This vulnerability could be exploited by an attacker convincing a user to open a specially crafted file via email, messaging, or other means. An attacker exploiting this vulnerability could execute arbitrary code in context of the current user.

Other vulnerabilities rated as important are listed below:

CVE-2018-0877 - Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
CVE-2018-0878 - Windows Remote Assistance Information Disclosure Vulnerability
CVE-2018-0879 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0880 - Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2018-0881 - Microsoft Video Control Elevation of Privilege Vulnerability
CVE-2018-0882 - Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2018-0787 - ASP.NET Core Elevation Of Privilege Vulnerability
CVE-2018-0808 - ASP.NET Core Denial Of Service Vulnerability
CVE-2018-0811 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0813 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0814 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0815 - Windows GDI Elevation of Privilege Vulnerability
CVE-2018-0816 - Windows GDI Elevation of Privilege Vulnerability
CVE-2018-0817 - Windows GDI Elevation of Privilege Vulnerability
CVE-2018-0868 - Windows Installer Elevation of Privilege Vulnerability
CVE-2018-0873 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0875 - ASP.NET Core Denial of Service Vulnerability
CVE-2018-0884 - Windows Security Feature Bypass Vulnerability
CVE-2018-0885 - Windows Hyper-V Denial of Service Vulnerability
CVE-2018-0886 - CredSSP Remote Code Execution Vulnerability
CVE-2018-0888 - Hyper-V Information Disclosure Vulnerability
CVE-2018-0891 - Microsoft Browser Information Disclosure Vulnerability
CVE-2018-0894 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0895 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0896 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0897 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0898 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0899 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0900 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0901 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0902 - CNG Security Feature Bypass Vulnerability
CVE-2018-0903 - Microsoft Access Remote Code Execution Vulnerability
CVE-2018-0904 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0907 - Microsoft Office Excel Security Feature Bypass
CVE-2018-0909 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0910 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0911 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0912 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0913 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0914 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0915 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0916 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0917 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0919 - Microsoft Office Information Disclosure Vulnerability
CVE-2018-0921 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0922 - Microsoft Office Memory Corruption Vulnerability
CVE-2018-0923 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0926 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0927 - Microsoft Browser Information Disclosure Vulnerability
CVE-2018-0929 - Internet Explorer Information Disclosure Vulnerability
CVE-2018-0935 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0940 - Microsoft Exchange Elevation of Privilege Vulnerability
CVE-2018-0941 - Microsoft Exchange Information Disclosure Vulnerability
CVE-2018-0942 - Internet Explorer Elevation of Privilege Vulnerability
CVE-2018-0944 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-0947 - Microsoft Sharepoint Elevation of Privilege Vulnerability
CVE-2018-0977 - Win32k Elevation of Privilege Vulnerability
CVE-2018-0983 - Windows Storage Services Elevation of Privilege Vulnerability

Coverage

In response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.

Snort Rules:
45873-45884
45887-45890
45892-45895
45900-45903

Related

openvas 12
trendmicroblog 1
nessus 16
mskb 27
kaspersky 6
prion 49
cve 50
osv 13
veracode 2
github 11
threatpost 1
qualysblog 1
zdt 1
krebs 1
symantec 4
mscve 3
redhatcve 1
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4088782)
2018-03-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4088786)
2018-03-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4088787)
2018-03-14 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 12, 2018
2018-03-16 15:14:43
nessus
nessus
KB4088782: Windows 10 Version 1703 March 2018 Security Update
2018-03-13 00:00:00
KB4088787: Windows 10 Version 1607 and Windows Server 2016 March 2018 Security Update
2018-03-13 00:00:00
KB4088776: Windows 10 Version 1709 and Windows Server Version 1709 March 2018 Security Update
2018-03-13 00:00:00
mskb
mskb
March 13, 2018—KB4088782 (OS Build 15063.966 and 15063.968)
2018-04-06 07:00:00
March 13, 2018—KB4088786 (OS Build 10240.17797)
2018-04-06 07:00:00
March 13, 2018—KB4088787 (OS Build 14393.2125 and 14393.2126)
2018-04-06 07:00:00
kaspersky
kaspersky
KLA11207 Multiple vulnerabilities in Microsoft Windows
2018-03-13 00:00:00
KLA11209 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
2018-03-13 00:00:00
KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
2018-03-13 00:00:00
prion
prion
Privilege escalation
2018-03-14 17:29:00
Privilege escalation
2018-03-14 17:29:00
Privilege escalation
2018-03-14 17:29:00
cve
cve
CVE-2018-0921
2018-03-14 17:29:00
CVE-2018-0912
2018-03-14 17:29:00
CVE-2018-0944
2018-03-14 17:29:00
osv
osv
CVE-2018-0934
2018-03-14 17:29:03
ChakraCore RCE Vulnerability
2022-05-13 01:18:35
ChakraCore RCE Vulnerability
2022-05-13 01:18:35
veracode
veracode
Remote Code Execution (RCE)
2018-12-03 04:14:07
Denial Of Service (DoS)
2018-06-29 05:20:44
github
github
ChakraCore RCE Vulnerability
2022-05-13 01:18:38
ChakraCore RCE Vulnerability
2022-05-13 01:18:38
ChakraCore RCE Vulnerability
2022-05-13 01:18:35
threatpost
threatpost
Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update
2018-03-13 18:25:37
qualysblog
qualysblog
March Patch Tuesday – 75 Microsoft vulnerabilities, 7 for Adobe
2018-03-13 18:39:45
zdt
zdt
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) Exploit
2018-04-03 00:00:00
krebs
krebs
Flash, Windows Users: It’s Time to Patch
2018-03-13 19:36:28
symantec
symantec
Microsoft ChakraCore Scripting Engine CVE-2018-0874 Remote Memory Corruption Vulnerability
2018-03-13 00:00:00
Microsoft ChakraCore Scripting Engine CVE-2018-0939 Information Disclosure Vulnerability
2018-03-13 00:00:00
Microsoft SharePoint Server CVE-2018-0944 Remote Privilege Escalation Vulnerability
2018-03-13 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2018-03-13 07:00:00
Microsoft SharePoint Elevation of Privilege Vulnerability
2018-03-13 07:00:00
Microsoft SharePoint Elevation of Privilege Vulnerability
2018-03-13 07:00:00
redhatcve
redhatcve
CVE-2018-0875
2018-03-13 16:49:41

0.968 High

EPSS

Percentile

99.6%

JSON
Related for TALOSBLOG:826AA3C41E62C22CF612479CB5D49D8B
openvas12trendmicroblog1nessus16mskb27kaspersky6prion49cve50osv13veracode2github11threatpost1qualysblog1zdt1krebs1symantec4mscve3redhatcve1