Tripwire の脆弱性調査チーム:VERT が月に一度の パッチプライオリティ指標(Patch Priority Index:PPI) を公開します。非常に重要な意味を持つ PPI は、日々これらのパッチにより解決される脆弱性に取り組んでいる VERT の研究員がリリースしています。
パッチプライオリティ指標の決め方は詳しい:https://blog.tripwire.co.jp/blog/understanding-prioritization にてご参考ください。
また、新しい脆弱性ソリューションが弊社のディストリビューターからリリースされましたので、是非ご覧になってください。
下記は2018年10月のパッチプライオリティ指標になります。
First on the patch priority list this month is an authentication bypass vulnerability in libssh. This vulnerability can be exploited remotely, and exploit code has recently been added to Metasploit.
Next are patches for Microsoft’s Internet Explorer, Edge and Scripting Engine. These patches resolve 11 vulnerabilities, including fixes for Memory Corruption and Security Feature Bypass vulnerabilities.
Up next are patches for Microsoft Office. Those include fixes for three remote code execution vulnerabilities, one each in Excel, PowerPoint and Word.
Next on the list are the patches for Microsoft Windows. These patches address numerous vulnerabilities across Device Guard, DirectX Graphics Kernel, Windows Kernel, MS XML, Graphics component, JET Database Engine, Windows GDI, Hyper-V, Windows Subsystem for Linux, DNS, Media Player, TCP/IP and Theme. Note that CVE-2018-8453 is a privilege escalation vulnerability in Win32k’s handling of objects in memory, and it has been exploited in the wild. According to ZDNet, the exploit has been used by a nation-state cyber-espionage group known as FruityArmor. Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely) on their latest Windows release, while active exploitation has been detected on older releases.
Next, users should focus on the patches for Microsoft SharePoint and Exchange Server. These patches resolve Elevation of Privilege, Insecure Library Loading and Remote Code Execution vulnerabilities.
Last on the list this month are patches for Oracle Java and Oracle Database. These patches address vulnerabilities in Java SE versions 6u201, 7u191, 8u181 and 11 along with Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c.
To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), click here.
| ULLETIN | CVE |
| libssh – Authentication Bypass | CVE-2018-10933 |
| Microsoft Internet Explorer | CVE-2018-8460, CVE-2018-8491 |
| Microsoft Edge | CVE-2018-8473, CVE-2018-8509, CVE-2018-8530, CVE-2018-8512 |
| Microsoft Scripting Engine | CVE-2018-8513, CVE-2018-8510, CVE-2018-8511, CVE-2018-8503, CVE-2018-8505 |
| Microsoft Office | CVE-2018-8502, CVE-2018-8501, CVE-2018-8504 |
| Microsoft Windows | CVE-2018-8492, CVE-2018-8484, CVE-2018-8486, CVE-2018-8329, CVE-2018-8494, CVE-2018-8333, CVE-2018-8427, CVE-2018-8432, CVE-2018-8423, CVE-2018-8506, CVE-2018-8411, CVE-2018-8453, CVE-2018-8320, CVE-2018-8472, CVE-2018-8489, CVE-2018-8490, CVE-2018-8497, CVE-2018-8330, CVE-2018-8481, CVE-2018-8482, CVE-2018-8495, CVE-2018-8493, CVE-2018-8413 |
| Microsoft SharePoint | CVE-2018-8488, CVE-2018-8480, CVE-2018-8498, CVE-2018-8518 |
| Microsoft Exchange Server | CVE-2010-3190, CVE-2018-8265, CVE-2018-8448 |
| Oracle Java | CVE-2018-14048, CVE-2018-3183, CVE-2018-3180, CVE-2018-13785, CVE-2018-3139, CVE-2018-3150, CVE-2018-3214, CVE-2018-3169, CVE-2018-3211, CVE-2018-3157, CVE-2018-3209, CVE-2018-3136, CVE-2018-3149 |
| Oracle Database | CVE-2018-3259, CVE-2018-3299, CVE-2018-7489 |
