March 2018 Security Updates (Preliminary. Work in Progress)
Description | |||||
---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
.NET Core Denial of Service Vulnerability | |||||
%%cve:2018-0875%% | No | No | Less Likely | Less Likely | Important |
ASP.NET Core Denial of Service Vulnerability | |||||
%%cve:2018-0808%% | Yes | No | – | – | Important |
ASP.NET Core Elevation of Privilege Vulnerability | |||||
%%cve:2018-0787%% | No | No | – | – | Important |
CNG Security Feature Bypass Vulnerability | |||||
%%cve:2018-0902%% | No | No | Less Likely | Less Likely | Important |
Chakra Scripting Engine Memory Corruption Vulnerability | |||||
%%cve:2018-0930%% | No | No | – | – | Critical |
%%cve:2018-0931%% | No | No | – | – | Critical |
%%cve:2018-0933%% | No | No | – | – | Critical |
%%cve:2018-0934%% | No | No | – | – | Critical |
%%cve:2018-0936%% | No | No | – | – | Critical |
%%cve:2018-0937%% | No | No | – | – | Critical |
%%cve:2018-0872%% | No | No | – | – | Critical |
%%cve:2018-0873%% | No | No | – | – | Important |
%%cve:2018-0874%% | No | No | – | – | Critical |
CredSSP Remote Code Execution Vulnerability | |||||
%%cve:2018-0886%% | No | No | Less Likely | Less Likely | Important |
Hyper-V Information Disclosure Vulnerability | |||||
%%cve:2018-0888%% | No | No | Less Likely | Less Likely | Important |
Internet Explorer Elevation of Privilege Vulnerability | |||||
%%cve:2018-0942%% | No | No | – | – | Important |
Internet Explorer Information Disclosure Vulnerability | |||||
%%cve:2018-0929%% | No | No | More Likely | More Likely | Important |
March 2018 Adobe Flash Security Update | |||||
ADV180006 | No | No | – | – | Critical |
Microsoft Access Remote Code Execution Vulnerability | |||||
%%cve:2018-0903%% | No | No | Less Likely | Less Likely | Important |
Microsoft Browser Information Disclosure Vulnerability | |||||
%%cve:2018-0927%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0932%% | No | No | – | – | Critical |
Microsoft Edge Information Disclosure Vulnerability | |||||
%%cve:2018-0879%% | No | No | – | – | Important |
Microsoft Exchange Elevation of Privilege Vulnerability | |||||
%%cve:2018-0940%% | Yes | No | Unlikely | Unlikely | Important |
Microsoft Exchange Information Disclosure Vulnerability | |||||
%%cve:2018-0924%% | No | No | Unlikely | Unlikely | Low |
%%cve:2018-0941%% | No | No | Unlikely | Unlikely | Important |
Microsoft Office Excel Security Feature Bypass | |||||
%%cve:2018-0907%% | No | No | More Likely | More Likely | Important |
Microsoft Office Information Disclosure Vulnerability | |||||
%%cve:2018-0919%% | No | No | More Likely | More Likely | Important |
Microsoft Office Memory Corruption Vulnerability | |||||
%%cve:2018-0922%% | No | No | – | – | Important |
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
%%cve:2018-0909%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0910%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0911%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0912%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0913%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0914%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0915%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0916%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0917%% | No | No | – | – | Important |
%%cve:2018-0921%% | No | No | – | – | Important |
%%cve:2018-0923%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0944%% | No | No | Less Likely | Less Likely | Important |
Microsoft Sharepoint Elevation of Privilege Vulnerability | |||||
%%cve:2018-0947%% | No | No | Less Likely | Less Likely | Important |
Microsoft Video Control Elevation of Privilege Vulnerability | |||||
%%cve:2018-0881%% | No | No | Less Likely | Less Likely | Important |
Scripting Engine Information Disclosure Vulnerability | |||||
%%cve:2018-0891%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0939%% | No | No | – | – | Critical |
Scripting Engine Memory Corruption Vulnerability | |||||
%%cve:2018-0889%% | No | No | More Likely | More Likely | Critical |
%%cve:2018-0893%% | No | No | – | – | Critical |
%%cve:2018-0935%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0876%% | No | No | – | – | Critical |
%%cve:2018-0925%% | No | No | – | – | Critical |
Win32k Elevation of Privilege Vulnerability | |||||
%%cve:2018-0977%% | No | No | More Likely | More Likely | Important |
Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||
%%cve:2018-0880%% | No | No | Less Likely | Less Likely | Important |
%%cve:2018-0882%% | No | No | – | – | Important |
Windows Desktop Bridge VFS Elevation of Privilege Vulnerability | |||||
%%cve:2018-0877%% | No | No | Less Likely | Less Likely | Important |
Windows GDI Elevation of Privilege Vulnerability | |||||
%%cve:2018-0816%% | No | No | – | – | Important |
%%cve:2018-0817%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0815%% | No | No | – | – | Important |
Windows Hyper-V Denial of Service Vulnerability | |||||
%%cve:2018-0885%% | No | No | Less Likely | Less Likely | Important |
Windows Installer Elevation of Privilege Vulnerability | |||||
%%cve:2018-0868%% | No | No | Less Likely | Less Likely | Important |
Windows Kernel Information Disclosure Vulnerability | |||||
%%cve:2018-0811%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0894%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0895%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0896%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0897%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0898%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0899%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0900%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0901%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0926%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0813%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0814%% | No | No | More Likely | More Likely | Important |
%%cve:2018-0904%% | No | No | More Likely | More Likely | Important |
Windows Remote Assistance Information Disclosure Vulnerability | |||||
%%cve:2018-0878%% | No | No | Less Likely | Less Likely | Important |
Windows Security Feature Bypass Vulnerability | |||||
%%cve:2018-0884%% | No | No | Less Likely | Less Likely | Important |
Windows Shell Remote Code Execution Vulnerability | |||||
%%cve:2018-0883%% | No | No | More Likely | More Likely | Important |
Windows Storage Services Elevation of Privilege Vulnerability | |||||
%%cve:2018-0983%% | No | No | More Likely | More Likely | Important |
—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.