Security News > 2018 > January > Microsoft plugs 56 vulns, including Office flaw exploited in attacks
As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively exploited by attackers. Office flaw exploited in the wild Security updates and patches for mitigating the risk of Meltdown and Spectre attacks have received much attention in the past days, but those released by Microsoft on Tuesday also deserve it. As mentioned earlier, a flaw (CVE-2018-0802) in Microsoft … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/PwqzHPXtZKg/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-10 | CVE-2018-0802 | Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". | 7.8 |