Categories: Security News

Microsoft Released Security Updates and more than 70 Security Vulnerabilities are Fixed

Microsoft security updates released under patch Tuesday for this month (March) and fixed more than 70 vulnerabilities in all the severity categories and with 61 rated as important.

This Microsoft Security Updates including all security fixes for vulnerabilities that affect Windows 10 and Microsoft will release an auto update for all the Windows 10 users.

Security updates for March security release consist of some major Microsoft Following product and all the updates are available via the Microsoft Update Catalog.

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft Exchange Server
  • ASP.NET Core
  • .NET Core
  • PowerShell Core
  • ChakraCore
  • Adobe Flash

Many of CVE released under Critical Vulnerabilities category in this Microsoft Security Updates such as Remote Code Execution, Information Disclosure fixed Internet Explorer and Microsoft Edge browser.

Browers patches including Google Disclosed a Microsoft Edge Zero-day bug Before Patch is Released on last month.

In this Browser based security fixes contains 21 vulnerabilities and 14 vulnerabilities has been marked as critical and remain vulnerabilities marked as important.

Along with this Microsoft Security Updates, Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.

“These updates address critical vulnerabilities in Adobe Flash Player 28.0.0.161 and earlier versions. all the vulnerabilities Successful exploitation could lead to arbitrary code execution in the context of the current user.”

Microsoft Security Updates Patched Vulnerabilities

TagCVE IDCVE Title
.NET CoreCVE-2018-0875.NET Core Denial of Service Vulnerability
Adobe Flash PlayerADV180006March 2018 Adobe Flash Security Update
ASP .NETCVE-2018-0787ASP.NET Core Elevation of Privilege Vulnerability
ASP.NETCVE-2018-0808ASP.NET Core Denial of Service Vulnerability
Device GuardCVE-2018-0884Windows Security Feature Bypass Vulnerability
Internet ExplorerCVE-2018-0929Internet Explorer Information Disclosure Vulnerability
Internet ExplorerCVE-2018-0942Internet Explorer Elevation of Privilege Vulnerability
Microsoft BrowsersCVE-2018-0932Microsoft Browser Information Disclosure Vulnerability
Microsoft BrowsersCVE-2018-0927Microsoft Browser Information Disclosure Vulnerability
Microsoft EdgeCVE-2018-0879Microsoft Edge Information Disclosure Vulnerability
Microsoft Exchange ServerCVE-2018-0941Microsoft Exchange Information Disclosure Vulnerability
Microsoft Exchange ServerCVE-2018-0940Microsoft Exchange Elevation of Privilege Vulnerability
Microsoft Exchange ServerCVE-2018-0924Microsoft Exchange Information Disclosure Vulnerability
Microsoft Graphics ComponentCVE-2018-0817Windows GDI Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2018-0815Windows GDI Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2018-0816Windows GDI Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0903Microsoft Access Remote Code Execution Vulnerability
Microsoft OfficeCVE-2018-0909Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0911Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0907Microsoft Office Excel Security Feature Bypass
Microsoft OfficeCVE-2018-0910Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0947Microsoft Sharepoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0913Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0912Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0919Microsoft Office Information Disclosure Vulnerability
Microsoft OfficeCVE-2018-0921Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0915Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0916Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0917Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0944Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0914Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2018-0922Microsoft Office Memory Corruption Vulnerability
Microsoft OfficeCVE-2018-0923Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Scripting EngineCVE-2018-0893Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0874Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0876Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0936Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0873Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0891Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting EngineCVE-2018-0889Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0872Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0925Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0934Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0933Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0931Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0935Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0930Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2018-0939Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting EngineCVE-2018-0937Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Video ControlCVE-2018-0881Microsoft Video Control Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2018-0886CredSSP Remote Code Execution Vulnerability
Microsoft WindowsCVE-2018-0878Windows Remote Assistance Information Disclosure Vulnerability
Microsoft WindowsCVE-2018-0902CNG Security Feature Bypass Vulnerability
Microsoft WindowsCVE-2018-0983Windows Storage Services Elevation of Privilege Vulnerability
Windows Desktop BridgeCVE-2018-0877Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
Windows Desktop BridgeCVE-2018-0882Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Desktop BridgeCVE-2018-0880Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Hyper-VCVE-2018-0885Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-VCVE-2018-0888Hyper-V Information Disclosure Vulnerability
Windows InstallerCVE-2018-0868Windows Installer Elevation of Privilege Vulnerability
Windows KernelCVE-2018-0897Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0899Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0898Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0894Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0977Win32k Elevation of Privilege Vulnerability
Windows KernelCVE-2018-0896Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0895Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0900Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0814Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0811Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0904Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0901Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0926Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2018-0813Windows Kernel Information Disclosure Vulnerability
Windows ShellCVE-2018-0883Windows Shell Remote Code Execution Vulnerability

Adobe patched Vulnerabilities

Use After Free
Remote Code Execution
Critical
CVE-2018-4919
Type Confusion
Remote Code Execution
Critical
CVE-2018-4920

How do I Update my Device?

For your personal device, Windows 10 automatically checks for the latest updates. To confirm you’re up to date, go to Settings, select Update and Security and then click Check for updates. You may also visit the Windows Security page and selecting Verify you’re updated to manually update your device.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Leave a Comment
Share
Published by
Balaji
Tags: MicrosoftMicrosoft securityMicrosoft security updatesPatchUpdatesVulnerabilities
7 years ago

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

1 hour ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

2 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

4 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

8 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

9 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

9 hours ago