Description:
Microsoft has released 18 security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
Google Project Zero has disclosed CPU architecture design flaws leading to multiple vulnerabilities on Microsoft Windows and Microsoft Windows Server, including at least CVE-2018-0741 and CVE-2018-0744 to CVE-2018-0747. Users are advised to take immediate action to patch the affected systems, since there is an elevated risk of cyber attacks exploiting these vulnerabilities.
Microsoft has provided further information on the compatibility issues relating to the following two products:
AMD CPU Microprocessors
There are reports of some AMD devices getting into an unbootable state after applying the security updates that address the well-known Meltdown and Spectre issues. Microsoft has temporarily suspended the updates to affected systems with the AMD processors concerned.
Anti-malware Software
Microsoft has identified a compatibility issue between the security updates and some anti-malware software, which leaves the Windows operating system unable to boot. Some vendors of anti-malware software have offered supplementary information on the subject.
- Fortinet
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD40946
- Kaspersky
https://support.kaspersky.co.uk/14042
- McAfee
https://kc.mcafee.com/corporate/index?page=content&id=KB90167
- Symantec
https://support.symantec.com/en_US/article.TECH248545.html
- Trend Micro
https://success.trendmicro.com/solution/1119183-important-information-for-trend-micro-solutions-and-microsoft-january-2018-security-updates
Users are strongly advised to check with the product vendors to confirm whether the AMD CPU microprocessors and anti-malware software in their installation are compatible with the security updates.
Affected Systems:
- Microsoft Internet Explorer 9, 10, 11
- Microsoft Edge
- Microsoft Windows 7, 8.1, 10
- Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016
- Microsoft Windows Server, version 1709
- Microsoft SQL Server 2016, 2017
A complete list of the affected products can be found at:
https://portal.msrc.microsoft.com/en-us/security-guidance
Impact:
Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, information disclosure, or denial of service.
Recommendation:
Patches for affected products are available from Windows Update or the Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk.
To patch the vulnerabilities relating to the CPU design flaws completely, system administrators are also advised to check with the system OEM for updated firmware and to update the firmware to a non-vulnerable version when available.
More Information:
https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices
https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/858123b8-25ca-e711-a957-000d3a33cf99
https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0743 (to CVE-2018-0754)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0766 (to CVE-2018-0770)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0772 (to CVE-2018-0778)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0803