Today’s VERT Alert addresses the Microsoft January 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-759 on Friday, January 5th. We are not yet certain if this release contains all January updates or if Tuesday will see a second set of updates released.
In-The-Wild & Disclosed CVEs
This month, no Microsoft vulnerabilities have been publicly disclosed or are being actively exploited based on indicators from Microsoft. There is, however, a vulnerability worthy of discussion.
This vulnerability is more of a concern to enterprises, where insider threat is a risk. The exists an attack vector where security checks can be bypassed when accessing a local file via SMB. The attacker must already have access to the system with valid credentials in order to exploit this vulnerability.
Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely)
In addition to the Microsoft vulnerabilities included in the January Security Guidance, a security advisory responsible for the early content release was also made available.
Guidance to mitigate speculative execution side-channel vulnerabilities [ADV1800002]
The announcement of the Meltdown and Spectre attacks is responsible for this early Patch Tuesday content release, creating, effectively, Patch Thursday.
VERT has released a separate blog post with details on these vulnerabilities.