Microsoft Windows and Microsoft Edge Security Advisories

Microsoft published security updates on January 3rd 2018 to address multiple vulnerabilities in Microsoft Windows and Microsoft Edge products. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition.

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Users are advised not to open email messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in email messages are safe, they are advised not to open them.

Users are advised not to visit websites or follow links that have suspicious characteristics or that cannot be verified as safe.

Administrators may consider using the Microsoft Baseline Security Analyzer (MBSA) scan tool to identify common security misconfigurations and missing security updates on system endpoints.

Administrators are advised to use an unprivileged account when browsing the Internet.

Administrators are advised to monitor critical systems.

Microsoft has released detailed information at the following link: Security Update Guide

Microsoft customers can obtain updates directly by using the links in the Microsoft Security Update Guide. These updates are also distributed by Windows automatic update features and are available from the Microsoft Update Catalog. Microsoft Windows Server Update Services (WSUS), Systems Management Server, and System Center Configuration Manager can assist administrators in deploying software updates.

Associated CVE Numbers

CVE-2018-0741     CVE-2018-0743     CVE-2018-0744     CVE-2018-0745     CVE-2018-0746     CVE-2018-0747     CVE-2018-0748     CVE-2018-0749     CVE-2018-0750     CVE-2018-0751   CVE-2018-0752     CVE-2018-0753     CVE-2018-0754     CVE-2018-0758     CVE-2018-0762
CVE-2018-0766     CVE-2018-0767     CVE-2018-0768     CVE-2018-0769     CVE-2018-0770
CVE-2018-0772     CVE-2018-0773     CVE-2018-0774     CVE-2018-0775     CVE-2018-0776
CVE-2018-0777     CVE-2018-0778     CVE-2018-0780     CVE-2018-0781     CVE-2018-0788
CVE-2018-0800     CVE-2018-0803     CVE-2018-0818

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: