Security News > 2018 > January > Microsoft plugs 56 vulns, including Office flaw exploited in attacks
2018-01-10 20:51
As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively exploited by attackers. Office flaw exploited in the wild Security updates and patches for mitigating the risk of Meltdown and Spectre attacks have received much attention in the past days, but those released by Microsoft on Tuesday also deserve it. As mentioned earlier, a flaw (CVE-2018-0802) in Microsoft … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/PwqzHPXtZKg/
Related news
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0802 | Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". | 7.8 |