Patch Tuesday Archive
Patch Tuesday February 2018
Total CVEs
53
Critical
15
Important
34
Exploited
0
Publicly Disclosed
1
All CVEs this month 53
| CVE | Title | Severity | CVSS | Product | Exploited | Disclosed | Diffed |
|---|---|---|---|---|---|---|---|
| CVE-2018-0810 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0827 | Windows Security Feature Bypass Vulnerability | Important | 5.3 |
Device Guard | - | - | - |
| CVE-2018-0828 | Windows Elevation of Privilege Vulnerability | Important | 6.6 |
Microsoft Windows | - | - | - |
| CVE-2018-0829 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0830 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0831 | Windows Kernel Elevation of Privilege Vulnerability | Important | 6.6 |
Windows Kernel | - | - | - |
| CVE-2018-0832 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0833 | Windows Denial of Service Vulnerability | Moderate | 4.8 |
Windows SMB Server | - | - | - |
| CVE-2018-0834 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0835 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0836 | Scripting Engine Memory Corruption Vulnerability | Important | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0837 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0838 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0839 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important | 4.3 |
Microsoft Edge | - | - | - |
| CVE-2018-0840 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 |
Microsoft Browsers | - | - | - |
| CVE-2018-0841 | Microsoft Excel Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - | - |
| CVE-2018-0842 | Windows Kernel Elevation of Privilege Vulnerability | Important | 6.7 |
Windows Kernel | - | - | - |
| CVE-2018-0843 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0847 | Windows Scripting Engine Memory Corruption Vulnerability | Important | 4.3 |
Microsoft Windows | - | - | - |
| CVE-2018-0852 | Microsoft Outlook Memory Corruption Vulnerability | Critical | - | Microsoft Office | - | - | - |
| CVE-2018-0855 | Windows EOT Font Engine Information Disclosure Vulnerability | Important | 4.3 |
Graphic Fonts | - | - | - |
| CVE-2018-0856 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0857 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0858 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0859 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0860 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0861 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0866 | Scripting Engine Memory Corruption Vulnerability | Low | 7.5 |
Microsoft Scripting Engine | - | - | - |
| CVE-2018-0869 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | - | Microsoft Office | - | - | - |
| CVE-2018-0908 | Microsoft Identity Manager XSS Elevation of Privilege Vulnerability | Important | - | Microsoft Identity Manager | - | - | - |
| CVE-2018-0742 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - | - |
| CVE-2018-0755 | Windows EOT Font Engine Information Disclosure Vulnerability | Important | 5.5 |
Graphic Fonts | - | - | - |
| CVE-2018-0756 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - | - |
| CVE-2018-0771 | Microsoft Edge Security Feature Bypass Vulnerability | Moderate | 2.4 |
Microsoft Edge | - | Yes | - |
| CVE-2018-0809 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - | - |
| CVE-2018-0820 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - | - |
| CVE-2018-0821 | Windows AppContainer Elevation Of Privilege Vulnerability | Important | 5.3 |
Microsoft Windows | - | - | - |
| CVE-2018-0822 | Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - | - |
| CVE-2018-0823 | Named Pipe File System Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - | - |
| CVE-2018-0825 | StructuredQuery Remote Code Execution Vulnerability | Critical | 8.1 |
Microsoft Windows | - | - | - |
| CVE-2018-0826 | Windows Storage Services Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - | - |
| CVE-2018-0844 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 |
Common Log File System Driver | - | - | - |
| CVE-2018-0846 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 |
Common Log File System Driver | - | - | - |
| CVE-2018-0850 | Microsoft Outlook Elevation of Privilege Vulnerability | Important | - | Microsoft Office | - | - | - |
| CVE-2018-0851 | Microsoft Office Memory Corruption Vulnerability | Important | - | Microsoft Office | - | - | - |
| CVE-2018-0853 | Microsoft Office Information Disclosure Vulnerability | Important | - | Microsoft Office | - | - | - |
| ADV180004 | February 2018 Adobe Flash Security Update | Critical | - | Adobe Flash Player | - | - | - |
| CVE-2018-0864 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | - | Microsoft Office | - | - | - |
| ADV180005 | Document signing deprecation in XPS Viewer | Unknown | - | Windows Authentication Methods | - | - | - |
| CVE-2018-0757 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 |
Windows Kernel | - | - | - |
| CVE-2018-0760 | Windows EOT Font Engine Information Disclosure Vulnerability | Important | 5.5 |
Graphic Fonts | - | - | - |
| CVE-2018-0761 | Windows EOT Font Engine Information Disclosure Vulnerability | Important | 5.5 |
Graphic Fonts | - | - | - |
| CVE-2018-0763 | Microsoft Edge Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Edge | - | - | - |
Threat Categories 6
| Threat Category | CVEs | Critical |
|---|---|---|
| Remote Code Execution | 19 | 14 |
| Elevation of Privilege | 16 | - |
| Information Disclosure | 14 | 1 |
| Security Feature Bypass | 2 | - |
| Defense in Depth | 1 | - |
| Denial of Service | 1 | - |
Affected Products 13
| Product | CVEs | Exploited |
|---|---|---|
| Microsoft Scripting Engine | 12 | - |
| Windows Kernel | 11 | - |
| Microsoft Windows | 8 | - |
| Microsoft Office | 7 | - |
| Graphic Fonts | 4 | - |
| Microsoft Edge | 3 | - |
| Common Log File System Driver | 2 | - |
| Adobe Flash Player | 1 | - |
| Device Guard | 1 | - |
| Microsoft Browsers | 1 | - |
| Microsoft Identity Manager | 1 | - |
| Windows Authentication Methods | 1 | - |
| Windows SMB Server | 1 | - |