If you expected the January Microsoft Patch reveals to one contain the CPU updates that address major security flaws like Meltdown and Spectre then you might be surprised to see there is a lot more including a fix for a handful of major security flaws and a Zero Day fix.
Microsoft has just released their January 2018 patches which address about 56 vulnerabilities and also a Zero Day fix for an MS-Office vulnerability
The patch breakdowns :
- 16 security updates rated as critical
- 38 updates rated as important
- 1 update rated as moderate
The January 2018 Patch Tuesday includes three special security advisories that address flaws related to Adobe Flash, Meltdown & Spectre vulnerabilities, an update for Office suite.
These security updates fix security issues in Windows, Office, Internet Explorer, Edge, ASP.NET, and .NET Framework.
The MS-Office zero-day vulnerability is a memory corruption flaw (CVE-2018-0802), which has bee actively exploited by an attacker for the past few months. The vulnerability is exploited by remote code execution, tricking the victim into opening a specially crafted malicious Word.
Exploiting CVE-2018-0802 Office Equation Vulnerability