Microsoft April Patch Tuesday แก้ไขความปลอดภัยกว่า 66 รายการ
มานพ กองอุ่น 18 เม.ย. 2018 21:31:13 3,226
ในช่วงต้นเดือนเมษายนที่ผ่านมา Microsoft ได้ทำการออก Patch เพื่อปรับปรุงด้านความปลอดภัยกว่า 66 รายการ รวมไปถึง Adobe Flash Player ด้วย โดยมีรายการการปรับปรุงดังนี้
| Tag | CVE ID | CVE Title |
|---|---|---|
| Adobe Flash Player | ADV180007 | April 2018 Adobe Flash Security Update |
| Internet Explorer | CVE-2018-0870 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2018-1018 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2018-0997 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2018-0991 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2018-1020 | Internet Explorer Memory Corruption Vulnerability |
| Microsoft Browsers | CVE-2018-1023 | Microsoft Browser Memory Corruption Vulnerability |
| Microsoft Devices | CVE-2018-8117 | Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability |
| Microsoft Edge | CVE-2018-0892 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Edge | CVE-2018-0998 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2018-1009 | Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2018-1016 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2018-1012 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2018-1010 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2018-1015 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2018-1013 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2018-1003 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
| Microsoft Malware Protection Engine | CVE-2018-0986 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1028 | Unknown |
| Microsoft Office | CVE-2018-1026 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1027 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1029 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1005 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-1034 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-1030 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-0950 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-0920 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1007 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-1011 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2018-1032 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-1014 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0981 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0979 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-1019 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0980 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0993 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0994 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0990 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0987 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0988 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0995 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-1001 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-1004 | Windows VBScript Engine Remote Code Execution Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0989 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-1000 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0996 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2018-0890 | Active Directory Security Feature Bypass Vulnerability |
| Microsoft Windows | CVE-2018-0966 | Device Guard Security Feature Bypass Vulnerability |
| Microsoft Windows | CVE-2018-0967 | Windows SNMP Service Denial of Service Vulnerability |
| Microsoft Windows | CVE-2018-0963 | Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0887 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2018-8116 | Microsoft Graphics Component Denial of Service Vulnerability |
| Visual Studio | CVE-2018-1037 | Microsoft Visual Studio Information Disclosure Vulnerability |
| Windows Hyper-V | CVE-2018-0964 | Hyper-V Information Disclosure Vulnerability |
| Windows Hyper-V | CVE-2018-0957 | Hyper-V Information Disclosure Vulnerability |
| Windows IIS | CVE-2018-0956 | HTTP.sys Denial of Service Vulnerability |
| Windows Kernel | CVE-2018-1008 | OpenType Font Driver Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0960 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0973 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0972 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0975 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0974 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0971 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0969 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0968 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0970 | Windows Kernel Information Disclosure Vulnerability |
| Windows RDP | CVE-2018-0976 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability |
ทั้งนี้สามารถดูรายละเอียด Path ทั้งหมดในเดือนเมษายน 2018 ได้จากรายงาน Microsoft CVE Summary
ที่มา https://www.bleepingcomputer.com/news/security/microsoft-april-patch-tuesday-fixes-66-security-issues/
