Microsoft, as expected included last weeks Meltdown/Spectre update in this months patch Tuesday. But note that in addition to these two flaws, we have a number of other "traditional" privilege escalation and even remote code execution flaws that are probably easier to exploit and should be treated probably with a higher priority. Regardless, I doubt that as many people will work overtime for these run of the mill flaws. For example:
CVE-2018-0788: A quick NVD search shows 15 different vulnerabilities for this Atmfd.dll. Some can even lead to code execution. But I doubt you will have this issue patched this week. Exploitation of CVE-2018-0788 can lead to code execution as administrator. Spectre/Meltdown only allow reading data.
CVE-2018-0773: An attacker may execute arbitrary code in the context of the user running the browser. Spectre, which was patched in many browser again only allows reading data.
and CVE-2018-0802, which is already being exploited.
So better get patching. It worked so well last month :)
January 2018 Security Updates
| Description | |||||
|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| .NET Security Feature Bypass Vulnerability | |||||
| %%cve:2018-0786%% | No | No | Less Likely | Less Likely | Important |
| .NET and .NET Core Denial Of Service Vulnerability | |||||
| %%cve:2018-0764%% | No | No | Unlikely | Unlikely | Important |
| ASP.NET Core Cross Site Request Forgery Vulnerabilty | |||||
| %%cve:2018-0785%% | No | No | Unlikely | Unlikely | Moderate |
| ASP.NET Core Elevation Of Privilege Vulnerability | |||||
| %%cve:2018-0784%% | No | No | Less Likely | Less Likely | Important |
| Guidance to mitigate speculative execution side-channel vulnerabilities | |||||
| ADV180002 | No | No | Less Likely | Less Likely | Important |
| January 2018 Adobe Flash Security Update | |||||
| ADV180001 | No | No | - | - | Critical |
| Microsoft Access Tampering Vulnerability | |||||
| %%cve:2018-0799%% | No | No | Unlikely | Unlikely | Important |
| Microsoft Color Management Information Disclosure Vulnerability | |||||
| %%cve:2018-0741%% | No | No | - | - | Important |
| Microsoft Edge Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0803%% | No | No | - | - | Important |
| Microsoft Edge Information Disclosure Vulnerability | |||||
| %%cve:2018-0766%% | No | No | Unlikely | Unlikely | Important |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| %%cve:2018-0796%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Office Defense in Depth Update | |||||
| ADV180003 | No | No | - | - | None |
| Microsoft Office Memory Corruption Vulnerability | |||||
| %%cve:2018-0802%% | No | Yes | Unlikely | Unlikely | Important |
| %%cve:2018-0798%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| %%cve:2018-0795%% | No | No | - | - | Important |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| %%cve:2018-0801%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||
| %%cve:2018-0791%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0793%% | No | No | More Likely | More Likely | Important |
| Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0790%% | No | No | Less Likely | Less Likely | Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0789%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Word Memory Corruption Vulnerability | |||||
| %%cve:2018-0812%% | No | No | Unlikely | Unlikely | Important |
| %%cve:2018-0797%% | No | No | Less Likely | Less Likely | Critical |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| %%cve:2018-0805%% | No | No | Unlikely | Unlikely | Important |
| %%cve:2018-0806%% | No | No | Unlikely | Unlikely | Important |
| %%cve:2018-0807%% | No | No | Unlikely | Unlikely | Important |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| %%cve:2018-0804%% | No | No | Unlikely | Unlikely | Low |
| %%cve:2018-0792%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0794%% | No | No | More Likely | More Likely | Important |
| OpenType Font Driver Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0788%% | No | No | More Likely | More Likely | Important |
| OpenType Font Driver Information Disclosure Vulnerability | |||||
| %%cve:2018-0754%% | No | No | More Likely | More Likely | Important |
| SMB Server Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0749%% | No | No | Less Likely | Less Likely | Important |
| Scripting Engine Information Disclosure Vulnerability | |||||
| %%cve:2018-0800%% | No | No | Less Likely | Less Likely | Critical |
| %%cve:2018-0767%% | No | No | Unlikely | Unlikely | Critical |
| %%cve:2018-0780%% | No | No | - | - | Critical |
| Scripting Engine Memory Corruption Vulnerability | |||||
| %%cve:2018-0773%% | No | No | - | - | Critical |
| %%cve:2018-0774%% | No | No | - | - | Critical |
| %%cve:2018-0781%% | No | No | Unlikely | Unlikely | Critical |
| %%cve:2018-0758%% | No | No | - | - | Critical |
| %%cve:2018-0762%% | No | No | More Likely | More Likely | Critical |
| %%cve:2018-0768%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0769%% | No | No | - | - | Critical |
| %%cve:2018-0770%% | No | No | - | - | Critical |
| %%cve:2018-0772%% | No | No | - | - | Critical |
| %%cve:2018-0775%% | No | No | - | - | Critical |
| %%cve:2018-0776%% | No | No | - | - | Critical |
| %%cve:2018-0777%% | No | No | - | - | Critical |
| %%cve:2018-0778%% | No | No | Unlikely | Unlikely | Critical |
| Scripting Engine Security Feature Bypass | |||||
| %%cve:2018-0818%% | No | No | Unlikely | Unlikely | Important |
| Spoofing Vulnerability in Microsoft Office for MAC | |||||
| %%cve:2018-0819%% | Yes | No | Less Likely | Less Likely | Important |
| Windows Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0748%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0751%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0752%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0744%% | No | No | More Likely | More Likely | Important |
| Windows GDI Information Disclosure Vulnerability | |||||
| %%cve:2018-0750%% | No | No | More Likely | More Likely | Important |
| Windows IPSec Denial of Service Vulnerability | |||||
| %%cve:2018-0753%% | No | No | - | - | Important |
| Windows Information Disclosure Vulnerability | |||||
| %%cve:2018-0746%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0747%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0745%% | No | No | More Likely | More Likely | Important |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0743%% | No | No | Less Likely | Less Likely | Important |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|