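Tripwire's Vulnerability and Exposure Research Team (VERT) publishes the Patch Priority Index (PPI) once a month. The PPI, which carries considerable significance, is released by the VERT researchers who work every day on the vulnerabilities these patches resolve.
For details on how the Patch Priority Index is determined, see https://blog.tripwire.co.jp/blog/understanding-prioritization.
In addition, a new vulnerability solution has been released by our distributor, so please take a look.
Below is the Patch Priority Index for September 2018.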
First on the patch priority list this month are patches for Microsoft’s Internet Explorer, Edge and Scripting Engine. These patches resolve 18 vulnerabilities, including fixes for Elevation of Privilege, Information Disclosure, Memory Corruption, Security Feature Bypass and Spoofing vulnerabilities. Note that this list contains CVE-2018-8457 for Scripting Engine, and Microsoft has rated this as Exploitation More Likely on the Exploitability Index.
Next on the patch priority list this month are patches released by Adobe and described in the APSB18-31 security bulletin. This patch set includes updates for an information disclosure vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions for Windows, Macintosh, Linux and Chrome OS.
Up next, administrators should focus on patching two specific Windows vulnerabilities. First, there is CVE-2018-8440 for the Windows Advanced Local Procedure Call (ALPC). This vulnerability allows an attacker to take advantage of a flaw in the task scheduler ALPC to escalate privileges. This vulnerability has been publicly disclosed with details available describing how it was used in malware. Second, there is CVE-2018-8475, which is a remote code execution vulnerability based on how Windows handles image files. Microsoft has rated both of these vulnerabilities with a 1 on the Exploitability Index, meaning that exploitation is more likely.
Next on the list are the remaining patches for Microsoft Windows. These patches address numerous vulnerabilities across Device Guard, DirectX Graphics Kernel, Windows Kernel, MS XML, Graphics component, JET Database Engine, Win32k Graphics, Windows GDI, Hyper-V, Registry, SMB and Windows Subsystem for Linux.
Lastly for this month, users should focus on the patches for .NET, Exchange Server, and SQL Server. These patches resolve information disclosure, memory corruption, tampering, and remote code execution vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Browser | CVE-2018-8461, CVE-2018-8447, CVE-2018-8470 |
| Edge | CVE-2018-8463, CVE-2018-8469, CVE-2018-8366, CVE-2018-8464, CVE-2018-8425 |
| Scripting Engine | CVE-2018-8315, CVE-2018-8452, CVE-2018-8457, CVE-2018-8456, CVE-2018-8459, CVE-2018-8354, CVE-2018-8466, CVE-2018-8467, CVE-2018-8465, CVE-2018-8367 |
| APSB18-31 Adobe Flash | CVE-2018-15967 |
| Windows Advanced Local Procedure Call (ALPC) | CVE-2018-8440 |
| Windows RCE | CVE-2018-8475 |
| Windows | CVE-2018-8449, CVE-2018-8462, CVE-2018-8420, CVE-2018-8433, CVE-2018-8392, CVE-2018-8393, CVE-2018-8332, CVE-2018-8468, CVE-2018-8424, CVE-2018-8438, CVE-2018-8436, CVE-2018-8437, CVE-2018-8434, CVE-2018-0965, CVE-2018-8439, CVE-2018-8435, CVE-2018-8271, CVE-2018-8455, CVE-2018-8442, CVE-2018-8419, CVE-2018-8445, CVE-2018-8336, CVE-2018-8446, CVE-2018-8443, CVE-2018-8410, CVE-2018-8335, CVE-2018-8444, CVE-2018-8441, CVE-2018-8337 |
| Microsoft Office | CVE-2018-8429, CVE-2018-8430 |
| SharePoint | CVE-2018-8426, CVE-2018-8431, CVE-2018-8428 |
| .NET | CVE-2018-8421 |