VERT 脅威アラート – 2018年9月パッチプライオリティ指標(Patch Priority Index:PPI) (英語版)


 2018.10.04  Japanブログ編集部

Tripwire の脆弱性調査チーム:VERT が月に一度の パッチプライオリティ指標(Patch Priority Index:PPI) を公開します。非常に重要な意味を持つ PPI は、日々これらのパッチにより解決される脆弱性に取り組んでいる VERT の研究員がリリースしています。

パッチプライオリティ指標の決め方は詳しい: にてご参考ください。




First on the patch priority list this month are patches for Microsoft’s Internet Explorer, Edge and Scripting Engine. These patches resolve 18 vulnerabilities, including fixes for Elevation of Privilege, Information Disclosure, Memory Corruption, Security Feature Bypass and Spoofing vulnerabilities. Note that this list contains CVE-2018-8457 for Scripting Engine, and Microsoft has rated this as Exploitation More Likely on the Exploitability Index.

Next on the patch priority list this month are patches released by Adobe and described in the APSB18-31 security bulletin. This patch set includes updates for an information disclosure vulnerability in Adobe Flash Player and earlier versions for Windows, Macintosh, Linux and Chrome OS.

Up next, administrators should focus on patching two specific Windows vulnerabilities. First, there is CVE-2081-8440 for the Windows Advanced Local Procedure Call (ALPC). This vulnerability allows an attacker to take advantage of a flaw in the task scheduler ALPC to escalate privileges. This vulnerability has been publicly disclosed with details available describing how it was used in malware. Second, there is CVE-2018-8475, which is a remote code execution vulnerability based on how Windows handles image files. Microsoft has rated both of these vulnerabilities with a 1 on the Exploitability Index, meaning that exploitation is more likely.

Next on the list are the remaining patches for Microsoft Windows. These patches address numerous vulnerabilities across Device Guard, DirectX Graphics Kernel, Windows Kernel, MS XML, Graphics component, JET Database Engine, Win32k Graphics, Windows GDI, Hyper-V, Registry, SMB and Windows Subsystem for Linux.

Lastly for this month, users should focus on the patches for .NET, Exchange Server, and SQL server. These patches resolve information disclosure, memory corruption, tampering, and remote code execution vulnerabilities.

To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), click here.

Browser CVE-2018-8461, CVE-2018-8447, CVE-2018-8470
Edge CVE-2018-8463, CVE-2018-8469, CVE-2018-8366, CVE-2018-8464, CVE-2018-8425
Scripting Engine CVE-2018-8315, CVE-2018-8452, CVE-2018-8457, CVE-2018-8456, CVE-2018-8459, CVE-2018-8354, CVE-2018-8466, CVE-2018-8467, CVE-2018-8465, CVE-2018-8367
APSB18-31 Adobe Flash CVE-2018-15967
Windows Advanced Local Procedure Call (ALPC) CVE-2018-8440
Windows RCE CVE-2018-8475
Windows CVE-2018-8449, CVE-2018-8462, CVE-2018-8420, CVE-2018-8433, CVE-2018-8392, CVE-2018-8393, CVE-2018-8332, CVE-2018-8468, CVE-2018-8424, CVE-2018-8438, CVE-2018-8436, CVE-2018-8437, CVE-2018-8434, CVE-2018-0965, CVE-2018-8439, CVE-2018-8435, CVE-2018-8271, CVE-2018-8455, CVE-2018-8442, CVE-2018-8419, CVE-2018-8445, CVE-2018-8336, CVE-2018-8446, CVE-2018-8443, CVE-2018-8410, CVE-2018-8335, CVE-2018-8444, CVE-2018-8441, CVE-2018-8337
Microsoft Office CVE-2018-8429, CVE-2018-8430
SharePoint CVE-2018-8426, CVE-2018-8431, CVE-2018-8428
.NET CVE-2018-8421


TRIPWIRE IP360 データシート