Security News > 2018 > January > Microsoft plugs 56 vulns, including Office flaw exploited in attacks
2018-01-10 20:51
As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively exploited by attackers. Office flaw exploited in the wild Security updates and patches for mitigating the risk of Meltdown and Spectre attacks have received much attention in the past days, but those released by Microsoft on Tuesday also deserve it. As mentioned earlier, a flaw (CVE-2018-0802) in Microsoft … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/PwqzHPXtZKg/
Related news
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0802 | Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". | 7.8 |