【漏洞公告】微软“周二补丁日”—2018年02月

美国时间2018年02月13日，微软发布2018年2月的 安全 公告， 本月安全公告解决了54个新漏洞，其中14个被认为是关键的、38个是重要的、2个是中度的。这些漏洞影响Outlook、Edge浏览器、脚本引擎、应用程序容器、窗口等等。


本次公告中涉及到 CVE-2018-0850、 CVE-2018-0852两个严重漏洞均影响 Outlook，攻击者利用这两个漏洞，可以在当前用户的上下文中运行任意代码或发送精准构造的恶意电子邮件，架加载本地或远程信息。


阿里云 提示企业用户关注，并根据 自 身业务情况安排补丁升级。



具体公告详情如下:                  

• Outlook
• Edge
• 脚本引擎
• 应用程序容器
• Windows窗口

• CVE-2018-0763 - Microsoft Edge Information Disclosure Vulnerability
• CVE-2018-0825 - StructuredQuery Remote Code Execution Vulnerability
• CVE-2018-0834 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0835 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0837 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0838 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0840 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0852 - Microsoft Outlook Memory Corruption Vulnerability
• CVE-2018-0856 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0857 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0858 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0859 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0860 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0861 - Scripting Engine Memory Corruption Vulnerability

• CVE-2018-0742 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2018-0755 - Windows EOT Font Engine Information Disclosure Vulnerability
• CVE-2018-0756 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2018-0757 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0760 - Windows EOT Font Engine Information Disclosure Vulnerability
• CVE-2018-0761 - Windows EOT Font Engine Information Disclosure Vulnerability
• CVE-2018-0809 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2018-0810 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0820 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2018-0821 - Windows AppContainer Elevation Of Privilege Vulnerability
• CVE-2018-0822 - Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability
• CVE-2018-0823 - Named Pipe File System Elevation of Privilege Vulnerability
• CVE-2018-0826 - Windows Storage Services Elevation of Privilege Vulnerability
• CVE-2018-0827 - Windows Security Feature Bypass Vulnerability
• CVE-2018-0828 - Windows Elevation of Privilege Vulnerability
• CVE-2018-0829 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0830 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0831 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2018-0832 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0836 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0839 - Microsoft Edge Information Disclosure Vulnerability
• CVE-2018-0841 - Microsoft Excel Remote Code Execution Vulnerability
• CVE-2018-0842 - Windows Remote Code Execution Vulnerability
• CVE-2018-0843 - Windows Kernel Information Disclosure Vulnerability
• CVE-2018-0844 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
• CVE-2018-0845 - Microsoft Office Memory Corruption Vulnerability
• CVE-2018-0846 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
• CVE-2018-0847 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0848 - Microsoft Office Memory Corruption Vulnerability
• CVE-2018-0849 - Microsoft Office Memory Corruption Vulnerability
• CVE-2018-0850 - Microsoft Outlook Elevation of Privilege Vulnerability
• CVE-2018-0851 - Microsoft Office Memory Corruption Vulnerability
• CVE-2018-0853 - Microsoft Office Information Disclosure Vulnerability
• CVE-2018-0855 - Windows EOT Font Engine Information Disclosure Vulnerability
• CVE-2018-0862 - Microsoft Office Memory Corruption Vulnerability
• CVE-2018-0864 - Microsoft SharePoint Elevation of Privilege Vulnerability
• CVE-2018-0866 - Scripting Engine Memory Corruption Vulnerability
• CVE-2018-0869 - Microsoft SharePoint Elevation of Privilege Vulnerability

1. 阿里云安全团队建议用户关注，并根据业务情况择机更新补丁，以提高服务器安全性；
2. 建议不要在企业业务系统上安装与业务无关的软件，例如：Office、其他办公软件。防止被黑客利用；
3. 建议用户打开Windows Update功能，然后点击“检查更新”按钮，根据业务情况下载安装相关安全补丁，安装完毕后重启服务器，检查系统运行情况。

• http://blog.talosintelligence.com/2018/02/ms-tuesday.html