
Microsoft Patch Tuesday February 2018

February 14, 2018


Welcome back to the February 2018 Patch Tuesday. Microsoft has released patches for the Windows Kernel, StructuredQuery, and a host of the usual suspects. In all, there are fixes for 55 known vulnerabilities in this month’s update. Many of the fixed vulnerabilities have a ‘Critical’ security rating, including the one addressed by the Adobe Flash Security Update, which was exploited in the wild. One vulnerability (CVE-2018-0771) was publicly disclosed prior to patching, but it is only rated as moderate severity.

Kernel

The Windows Kernel has received a handful of fixes. Successful exploitation of the patched vulnerabilities could allow an attacker to elevate privileges on a system and disclose sensitive information that could further compromise an affected system. The vulnerabilities revolve around object memory mismanagement at the kernel level. Microsoft rates these vulnerabilities as “Important.”

Scripting Engine

The Scripting Engine has 11 Critical vulnerabilities and 1 Important vulnerability patched this month. The engine is responsible for some object memory management in Microsoft Edge. When that engine mismanages maliciously crafted content, the Edge browser could be leveraged to execute an attacker’s code remotely. None of these vulnerabilities were known to be exploited or disclosed before the patch was made available.

Office

Office makes its regular Patch Tuesday appearance. This month Outlook contains a Critical remote code execution vulnerability. An attacker would exploit this vulnerability by convincing the user to open a maliciously crafted attachment in an affected version of Microsoft Outlook; once the attachment is opened, the attacker’s code would be executed. Excel also has a remote code execution vulnerability, but it is only rated as Important. The code would run in the same security context as Outlook or Excel, giving us a gentle reminder to exercise the principle of least privilege.

Edge and Internet Explorer

Microsoft’s browsers make the usual appearance, but this time with some interesting flair. One vulnerability for Edge that was disclosed prior to patching would allow attackers to bypass security features in the browser. To Microsoft’s knowledge, there have been no exploits of this vulnerability in the wild. Both Edge and Internet Explorer contain Information Disclosure vulnerabilities that would give an attacker access to potentially sensitive information on the system. One of these information disclosure vulnerabilities was rated as Critical by Microsoft; the rest are rated as Important.

Adobe Flash Player

Adobe has released a fix for a Remote Code Execution vulnerability that was being exploited in the wild. The exploit is being used in limited, targeted attacks against Windows users. The attacks are known to leverage Office documents with embedded malicious Flash content that are distributed via email. Microsoft rates this vulnerability as Critical, and users should be advised to apply the patch as soon as possible.

Author, BeyondTrust Research Team
