March 2018 Security Updates (Preliminary. Work in Progress)
| Description | |||||
|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| .NET Core Denial of Service Vulnerability | |||||
| %%cve:2018-0875%% | No | No | Less Likely | Less Likely | Important |
| ASP.NET Core Denial of Service Vulnerability | |||||
| %%cve:2018-0808%% | Yes | No | – | – | Important |
| ASP.NET Core Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0787%% | No | No | – | – | Important |
| CNG Security Feature Bypass Vulnerability | |||||
| %%cve:2018-0902%% | No | No | Less Likely | Less Likely | Important |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| %%cve:2018-0930%% | No | No | – | – | Critical |
| %%cve:2018-0931%% | No | No | – | – | Critical |
| %%cve:2018-0933%% | No | No | – | – | Critical |
| %%cve:2018-0934%% | No | No | – | – | Critical |
| %%cve:2018-0936%% | No | No | – | – | Critical |
| %%cve:2018-0937%% | No | No | – | – | Critical |
| %%cve:2018-0872%% | No | No | – | – | Critical |
| %%cve:2018-0873%% | No | No | – | – | Important |
| %%cve:2018-0874%% | No | No | – | – | Critical |
| CredSSP Remote Code Execution Vulnerability | |||||
| %%cve:2018-0886%% | No | No | Less Likely | Less Likely | Important |
| Hyper-V Information Disclosure Vulnerability | |||||
| %%cve:2018-0888%% | No | No | Less Likely | Less Likely | Important |
| Internet Explorer Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0942%% | No | No | – | – | Important |
| Internet Explorer Information Disclosure Vulnerability | |||||
| %%cve:2018-0929%% | No | No | More Likely | More Likely | Important |
| March 2018 Adobe Flash Security Update | |||||
| ADV180006 | No | No | – | – | Critical |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| %%cve:2018-0903%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Browser Information Disclosure Vulnerability | |||||
| %%cve:2018-0927%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0932%% | No | No | – | – | Critical |
| Microsoft Edge Information Disclosure Vulnerability | |||||
| %%cve:2018-0879%% | No | No | – | – | Important |
| Microsoft Exchange Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0940%% | Yes | No | Unlikely | Unlikely | Important |
| Microsoft Exchange Information Disclosure Vulnerability | |||||
| %%cve:2018-0924%% | No | No | Unlikely | Unlikely | Low |
| %%cve:2018-0941%% | No | No | Unlikely | Unlikely | Important |
| Microsoft Office Excel Security Feature Bypass | |||||
| %%cve:2018-0907%% | No | No | More Likely | More Likely | Important |
| Microsoft Office Information Disclosure Vulnerability | |||||
| %%cve:2018-0919%% | No | No | More Likely | More Likely | Important |
| Microsoft Office Memory Corruption Vulnerability | |||||
| %%cve:2018-0922%% | No | No | – | – | Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0909%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0910%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0911%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0912%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0913%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0914%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0915%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0916%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0917%% | No | No | – | – | Important |
| %%cve:2018-0921%% | No | No | – | – | Important |
| %%cve:2018-0923%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0944%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Sharepoint Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0947%% | No | No | Less Likely | Less Likely | Important |
| Microsoft Video Control Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0881%% | No | No | Less Likely | Less Likely | Important |
| Scripting Engine Information Disclosure Vulnerability | |||||
| %%cve:2018-0891%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0939%% | No | No | – | – | Critical |
| Scripting Engine Memory Corruption Vulnerability | |||||
| %%cve:2018-0889%% | No | No | More Likely | More Likely | Critical |
| %%cve:2018-0893%% | No | No | – | – | Critical |
| %%cve:2018-0935%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0876%% | No | No | – | – | Critical |
| %%cve:2018-0925%% | No | No | – | – | Critical |
| Win32k Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0977%% | No | No | More Likely | More Likely | Important |
| Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0880%% | No | No | Less Likely | Less Likely | Important |
| %%cve:2018-0882%% | No | No | – | – | Important |
| Windows Desktop Bridge VFS Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0877%% | No | No | Less Likely | Less Likely | Important |
| Windows GDI Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0816%% | No | No | – | – | Important |
| %%cve:2018-0817%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0815%% | No | No | – | – | Important |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| %%cve:2018-0885%% | No | No | Less Likely | Less Likely | Important |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0868%% | No | No | Less Likely | Less Likely | Important |
| Windows Kernel Information Disclosure Vulnerability | |||||
| %%cve:2018-0811%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0894%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0895%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0896%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0897%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0898%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0899%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0900%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0901%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0926%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0813%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0814%% | No | No | More Likely | More Likely | Important |
| %%cve:2018-0904%% | No | No | More Likely | More Likely | Important |
| Windows Remote Assistance Information Disclosure Vulnerability | |||||
| %%cve:2018-0878%% | No | No | Less Likely | Less Likely | Important |
| Windows Security Feature Bypass Vulnerability | |||||
| %%cve:2018-0884%% | No | No | Less Likely | Less Likely | Important |
| Windows Shell Remote Code Execution Vulnerability | |||||
| %%cve:2018-0883%% | No | No | More Likely | More Likely | Important |
| Windows Storage Services Elevation of Privilege Vulnerability | |||||
| %%cve:2018-0983%% | No | No | More Likely | More Likely | Important |
—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.