Posted on

Microsoft March 2018 Patch Tuesday, (Tue, Mar 13th)

March 2018 Security Updates (Preliminary. Work in Progress)

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity
.NET Core Denial of Service Vulnerability
%%cve:2018-0875%% No No Less Likely Less Likely Important
ASP.NET Core Denial of Service Vulnerability
%%cve:2018-0808%% Yes No Important
ASP.NET Core Elevation of Privilege Vulnerability
%%cve:2018-0787%% No No Important
CNG Security Feature Bypass Vulnerability
%%cve:2018-0902%% No No Less Likely Less Likely Important
Chakra Scripting Engine Memory Corruption Vulnerability
%%cve:2018-0930%% No No Critical
%%cve:2018-0931%% No No Critical
%%cve:2018-0933%% No No Critical
%%cve:2018-0934%% No No Critical
%%cve:2018-0936%% No No Critical
%%cve:2018-0937%% No No Critical
%%cve:2018-0872%% No No Critical
%%cve:2018-0873%% No No Important
%%cve:2018-0874%% No No Critical
CredSSP Remote Code Execution Vulnerability
%%cve:2018-0886%% No No Less Likely Less Likely Important
Hyper-V Information Disclosure Vulnerability
%%cve:2018-0888%% No No Less Likely Less Likely Important
Internet Explorer Elevation of Privilege Vulnerability
%%cve:2018-0942%% No No Important
Internet Explorer Information Disclosure Vulnerability
%%cve:2018-0929%% No No More Likely More Likely Important
March 2018 Adobe Flash Security Update
ADV180006 No No Critical
Microsoft Access Remote Code Execution Vulnerability
%%cve:2018-0903%% No No Less Likely Less Likely Important
Microsoft Browser Information Disclosure Vulnerability
%%cve:2018-0927%% No No More Likely More Likely Important
%%cve:2018-0932%% No No Critical
Microsoft Edge Information Disclosure Vulnerability
%%cve:2018-0879%% No No Important
Microsoft Exchange Elevation of Privilege Vulnerability
%%cve:2018-0940%% Yes No Unlikely Unlikely Important
Microsoft Exchange Information Disclosure Vulnerability
%%cve:2018-0924%% No No Unlikely Unlikely Low
%%cve:2018-0941%% No No Unlikely Unlikely Important
Microsoft Office Excel Security Feature Bypass
%%cve:2018-0907%% No No More Likely More Likely Important
Microsoft Office Information Disclosure Vulnerability
%%cve:2018-0919%% No No More Likely More Likely Important
Microsoft Office Memory Corruption Vulnerability
%%cve:2018-0922%% No No Important
Microsoft SharePoint Elevation of Privilege Vulnerability
%%cve:2018-0909%% No No Less Likely Less Likely Important
%%cve:2018-0910%% No No Less Likely Less Likely Important
%%cve:2018-0911%% No No Less Likely Less Likely Important
%%cve:2018-0912%% No No Less Likely Less Likely Important
%%cve:2018-0913%% No No Less Likely Less Likely Important
%%cve:2018-0914%% No No Less Likely Less Likely Important
%%cve:2018-0915%% No No Less Likely Less Likely Important
%%cve:2018-0916%% No No Less Likely Less Likely Important
%%cve:2018-0917%% No No Important
%%cve:2018-0921%% No No Important
%%cve:2018-0923%% No No Less Likely Less Likely Important
%%cve:2018-0944%% No No Less Likely Less Likely Important
Microsoft Sharepoint Elevation of Privilege Vulnerability
%%cve:2018-0947%% No No Less Likely Less Likely Important
Microsoft Video Control Elevation of Privilege Vulnerability
%%cve:2018-0881%% No No Less Likely Less Likely Important
Scripting Engine Information Disclosure Vulnerability
%%cve:2018-0891%% No No More Likely More Likely Important
%%cve:2018-0939%% No No Critical
Scripting Engine Memory Corruption Vulnerability
%%cve:2018-0889%% No No More Likely More Likely Critical
%%cve:2018-0893%% No No Critical
%%cve:2018-0935%% No No More Likely More Likely Important
%%cve:2018-0876%% No No Critical
%%cve:2018-0925%% No No Critical
Win32k Elevation of Privilege Vulnerability
%%cve:2018-0977%% No No More Likely More Likely Important
Windows Desktop Bridge Elevation of Privilege Vulnerability
%%cve:2018-0880%% No No Less Likely Less Likely Important
%%cve:2018-0882%% No No Important
Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
%%cve:2018-0877%% No No Less Likely Less Likely Important
Windows GDI Elevation of Privilege Vulnerability
%%cve:2018-0816%% No No Important
%%cve:2018-0817%% No No More Likely More Likely Important
%%cve:2018-0815%% No No Important
Windows Hyper-V Denial of Service Vulnerability
%%cve:2018-0885%% No No Less Likely Less Likely Important
Windows Installer Elevation of Privilege Vulnerability
%%cve:2018-0868%% No No Less Likely Less Likely Important
Windows Kernel Information Disclosure Vulnerability
%%cve:2018-0811%% No No More Likely More Likely Important
%%cve:2018-0894%% No No More Likely More Likely Important
%%cve:2018-0895%% No No More Likely More Likely Important
%%cve:2018-0896%% No No More Likely More Likely Important
%%cve:2018-0897%% No No More Likely More Likely Important
%%cve:2018-0898%% No No More Likely More Likely Important
%%cve:2018-0899%% No No More Likely More Likely Important
%%cve:2018-0900%% No No More Likely More Likely Important
%%cve:2018-0901%% No No More Likely More Likely Important
%%cve:2018-0926%% No No More Likely More Likely Important
%%cve:2018-0813%% No No More Likely More Likely Important
%%cve:2018-0814%% No No More Likely More Likely Important
%%cve:2018-0904%% No No More Likely More Likely Important
Windows Remote Assistance Information Disclosure Vulnerability
%%cve:2018-0878%% No No Less Likely Less Likely Important
Windows Security Feature Bypass Vulnerability
%%cve:2018-0884%% No No Less Likely Less Likely Important
Windows Shell Remote Code Execution Vulnerability
%%cve:2018-0883%% No No More Likely More Likely Important
Windows Storage Services Elevation of Privilege Vulnerability
%%cve:2018-0983%% No No More Likely More Likely Important


Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

What are your thoughts?