Microsoft releases January Patch Tuesday to fix 56 security issues
Microsoft released January Patch Tuesday, fixing 56 security issues ranging from simple spoofing attacks to remote code execution, involving .NET Framework, Adobe Flash Player, ASP .NET, ASP.NET, Graphic Fonts, Microsoft Browsers, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Side-Channel, Windows Kernel, Windows SMB Server, and Windows Subsystem for Linux.
The relevant information is as follows:
| product | CVE number | CVE title |
| .NET Framework | CVE-2018-0786 | .NET Security Feature Bypass Vulnerability |
| .NET Framework | CVE-2018-0764 | .NET and .NET Core Denial of Service Vulnerability |
| Adobe Flash Player | ADV180001 | January 2018 Adobe Flash Security Update |
| ASP .NET | CVE-2018-0784 | ASP.NET Core Elevation of Privilege Vulnerability |
| ASP.NET | CVE-2018-0785 | ASP.NET Core CSRF Vulnerability |
| Graphics Fonts | CVE-2018-0788 | OpenType Font Driver Elevation of Privilege Vulnerability |
| Graphics Fonts | CVE-2018-0754 | OpenType Font Driver Information Disclosure Vulnerability |
| Microsoft Browsers | CVE-2018-0762 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Browsers | CVE-2018-0772 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2018-0803 | Microsoft Edge Elevation of Privilege Vulnerability |
| Microsoft Edge | CVE-2018-0766 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2018-0750 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2018-0741 | Microsoft Color Management Information Disclosure Vulnerability |
| Microsoft Office | ADV180003 | Microsoft Office Defense in Depth Update |
| Microsoft Office | CVE-2018-0804 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0805 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0806 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0807 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0812 | Microsoft Word Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0819 | Deceptive Vulnerability in Microsoft Office for MAC |
| Microsoft Office | CVE-2018-0795 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0797 | Microsoft Word Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0799 | Microsoft Access Tampering Vulnerability |
| Microsoft Office | CVE-2018-0802 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0801 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0789 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0790 | Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0791 | Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0792 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0793 | Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0794 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0796 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0798 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0818 | Scripting Engine security features bypassed |
| Microsoft Scripting Engine | CVE-2018-0773 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0774 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0781 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0800 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0758 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0767 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0768 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0769 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0770 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0775 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0776 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0777 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0778 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0780 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2018-0753 | Windows IPSec Denial of Service Vulnerability |
| Side-Channel | ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities |
| Windows Kernel | CVE-2018-0746 | Windows Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0747 | Windows Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0748 | Windows Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0751 | Windows Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0752 | Windows Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0744 | Windows Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0745 | Windows Information Disclosure Vulnerability |
| Windows SMB Server | CVE-2018-0749 | SMB Server Elevation of Privilege Vulnerability |
| Windows Subsystem for Linux | CVE-2018-0743 | Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Microsoft official release update patch, please update the patch soon.
Reference: Microsoft
