BULLETIN |
CVE |
| Browser - Edge | CVE-2018-0803,CVE-2018-0766 |
| Scripting Engine | CVE-2018-0780,CVE-2018-0800,CVE-2018-0767,CVE-2018-0781,CVE-2018-0769,CVE-2018-0768,CVE-2018-0778,CVE-2018-0777,CVE-2018-0758,CVE-2018-0773,CVE-2018-0770,CVE-2018-0776,CVE-2018-0774,CVE-2018-0775,CVE-2018-0772,CVE-2018-0762 |
| Adobe Flash | CVE-2018-4871 |
| Java cpujan2018 | CVE-2018-2599,CVE-2018-2678,CVE-2018-2639,CVE-2018-2582,CVE-2018-2602,CVE-2018-2603,CVE-2018-2633,CVE-2018-2588,CVE-2018-2641,CVE-2018-2637,CVE-2018-2618,CVE-2018-2677,CVE-2018-2657,CVE-2018-2663,CVE-2018-2638,CVE-2018-2579,CVE-2018-2581,CVE-2018-2634,CVE-2018-2629 |
| Microsoft Office Exel | CVE-2018-0796 |
| MS Access | CVE-2018-0799 |
| MS Outlook | CVE-2018-0791,CVE-2018-0793 |
| MS Word | CVE-2018-0797,CVE-2018-0812,CVE-2018-0805,CVE-2018-0806,CVE-2018-0807,CVE-2018-0804,CVE-2018-0794,CVE-2018-0792 |
| MS Office | CVE-2018-0802,CVE-2018-0798,CVE-2018-0795,CVE-2018-0801 |
| MS Windows Vulnerabilities | CVE-2018-0741,CVE-2018-0788,CVE-2018-0754,CVE-2018-0749,CVE-2018-0751,CVE-2018-0752,CVE-2018-0744,CVE-2018-0748,CVE-2018-0750,CVE-2018-0753,CVE-2018-0747,CVE-2018-0746,CVE-2018-0745,CVE-2018-0743 |
| Microsoft Sharepoint | CVE-2018-0790,CVE-2018-0789 |
| Developer Tools | CVE-2018-0786,CVE-2018-0764 |
Tripwire's January 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe, and Oracle. First on the patch priority list this month are patches for Microsoft browsers and scripting engine. These patches address issues such as information disclosure, elevation of privilege, and memory corruption vulnerabilities. Following these are patches for Adobe Flash and Oracle Java. The Adobe patch resolves an out-of-bounds read issue resulting in an information disclosure vulnerability. At the same time, Oracle resolved 19 vulnerabilities that impact confidentiality, integrity, and availability from multiple attack vectors. Up next are various Microsoft products including Microsoft Excel, Access, Outlook Word, and Office. These patches resolve 19 vulnerabilities related to memory corruption, remote code execution, and tampering. Lastly for this month, administrators should focus on the patching the remaining Microsoft 2018 patches that fix vulnerabilities in Windows, Sharepoint, and Developer tools. These resolve 18 vulnerabilities related to information disclosure, elevation of privilege, denial of service, and cross-site scripting. Learn more about how Tripwire can help you with your vulnerability management program here.
