Microsoft Security Bulletin Coverage for February 2018

By

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of Feburary 2018. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverages

  • CVE-2018-0742 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0755 Windows EOT Font Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0756 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0757 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0760 Windows EOT Font Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0761 Windows EOT Font Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0763 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0771 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0809 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0810 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0820 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0821 Windows AppContainer Elevation Of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0822 Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0823 Named Pipe File System Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0825 StructuredQuery Remote Code Execution Vulnerability
    IPS:4780 Windows Shell Shortcut File Execution 1

  • CVE-2018-0826 Windows Storage Services Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0827 Windows Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0828 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0829 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0830 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0831 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0832 Windows Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0833 Windows Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0834 Scripting Engine Memory Corruption Vulnerability
    IPS:13206 Scripting Engine Memory Corruption Vulnerability (FEB 18) 6

  • CVE-2018-0835 Scripting Engine Memory Corruption Vulnerability
    IPS:13207 Scripting Engine Memory Corruption Vulnerability (FEB 18) 7

  • CVE-2018-0836 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0837 Scripting Engine Memory Corruption Vulnerability
    IPS:13202 Scripting Engine Memory Corruption Vulnerability (FEB 18) 2

  • CVE-2018-0838 Scripting Engine Memory Corruption Vulnerability
    IPS:13203 Scripting Engine Memory Corruption Vulnerability (FEB 18) 3

  • CVE-2018-0839 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0840 Scripting Engine Memory Corruption Vulnerability
    IPS:13204 Scripting Engine Memory Corruption Vulnerability (FEB 18) 4

  • CVE-2018-0841 Microsoft Office Remote Code Execution Vulnerability
    SPY:1327 Malformed-File xls.MP.57

  • CVE-2018-0842 Windows Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0843 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0844 Windows Common Log File System Driver Elevation Of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0846 Windows Common Log File System Driver Elevation Of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0847 Internet Explorer Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0850 Microsoft Outlook Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0851 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0852 Microsoft Outlook Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0853 Microsoft Office Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0855 Windows EOT Font Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0856 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0857 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0858 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0859 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0860 Scripting Engine Memory Corruption Vulnerability
    IPS:13201 Scripting Engine Memory Corruption Vulnerability (FEB 18) 1

  • CVE-2018-0861 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0864 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0869 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0866 Scripting Engine Memory Corruption Vulnerability
    IPS:13205 Scripting Engine Memory Corruption Vulnerability (FEB 18) 5

Adobe Coverages

APSB18-02 Security updates for Adobe Adobe Ac
robat and Reader:

  • CVE-2018-4871
    Spy:5055 Malformed-File atf.MP.2
  • CVE-2018-4872
    Spy:5099 Malformed-File pdf.MP.302
  • CVE-2018-4879
    Spy:5032 Malformed-File emf.MP.51
  • CVE-2018-4881
    Spy:1389 Malformed-File bmp.MP.1
  • CVE-2018-4882
    Spy:1427 Malformed-File pdf.MP.296
  • CVE-2018-4883
    Spy:1172 Malformed-File emf.MP.23
  • CVE-2018-4884
    Spy:1440 Malformed-File bmp.MP.2
  • CVE-2018-4884
    Spy:1442 Malformed-File emf.MP.54
  • CVE-2018-4885
    Spy:1444 Malformed-File emf.MP.55
  • CVE-2018-4886
    Spy:1444 Malformed-File emf.MP.55
  • CVE-2018-4887
    Spy:1177 Malformed-File emf.MP.26
  • CVE-2018-4888
    Spy:1467 Malformed-File pdf.MP.297
  • CVE-2018-4889
    Spy:1135 Malformed-File pdf.MP.240
  • CVE-2018-4889
    Spy:5078 Malformed-File xps.MP.2
  • CVE-2018-4890
    Spy:5079 Malformed-File jpg.MP.15
  • CVE-2018-4891
    Spy:1260 Malformed-File jpg.MP.3
  • CVE-2018-4892
    Spy:5081 Malformed-File pdf.MP.298
  • CVE-2018-4893
    Spy:5082 Malformed-File ttf.MP.17
  • CVE-2018-4894
    Spy:5083 Malformed-File ttf.MP.18
  • CVE-2018-4895
    Spy:5084 Malformed-File emf.MP.58
  • CVE-2018-4896
    Spy:5032 Malformed-File emf.MP.51
  • CVE-2018-4897
    Spy:5086 Malformed-File tiff.MP.2
  • CVE-2018-4898
    Spy:1612 Malformed-File tiff.MP.1
  • CVE-2018-4899
    Spy:5088 Malformed-File xps.MP.4
  • CVE-2018-4900
    Spy:5089 Malformed-File pdf.MP.299
  • CVE-2018-4901
    Spy:5090 Malformed-File pdf.MP.300
  • CVE-2018-4902
    Spy:5091 Malformed-File pdf.MP.301
  • CVE-2018-4903
    Spy:5092 Malformed-File tif.MP.17
  • CVE-2018-4904
    Spy:5093 Malformed-File tif.MP.18
  • CVE-2018-4905
    Spy:1267 Malformed-File tif.MP.3
  • CVE-2018-4906
    Spy:5003 Malformed-File tif.MP.13
  • CVE-2018-4907
    Spy:5096 Malformed-File tif.MP.20
  • CVE-2018-4908
    Spy:1612 Malformed-File tiff.MP.1
  • CVE-2018-4909
    Spy:5098 Malformed-File jpg.MP.16
  • CVE-2018-4910
    Spy:5099 Malformed-File pdf.MP.302
  • CVE-2018-4911
    Spy:5100 Malformed-File pdf.MP.303
  • CVE-2018-4912
    Spy:5101 Malformed-File jp2.MP.2
  • CVE-2018-4913
    Spy:5102 Malformed-File pdf.MP.304
  • CVE-2018-4914
    Spy:5103 Malformed-File tif.MP.21
  • CVE-2018-4915
    Spy:5099 Malformed-File pdf.MP.302
  • CVE-2018-4916
    Spy:5105 Malformed-File tif.MP.22
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.