Patch Tuesday March 2018

Compared to March 2017, this month’s Patch Tuesday is rather tame. This time last year, Microsoft was releasing patches for a number of zero-day vulnerabilities, including the EternalBlue, EternalSynergy, EternalRocks, and DoublePulsar vulnerabilities that the Shadow Brokers went on to disclose exploits for in April 2017.

This Patch Tuesday comes with 74 security updates, including fixes for two known vulnerabilities (CVE-2018-0808 and CVE-2018-0940); luckily this release arrives in a more timely fashion, as there have been no known exploitations of these vulnerabilities like we’ve seen in the past.

Microsoft Patch Tuesday March 2018 security updates

This month’s security updates cover the following list of products:

  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Exchange Server
  • ASP.NET Core
  • Powershell Core
  • .NET Core
  • Microsoft Office
  • ChakraCore
  • Internet Explorer
  • Microsoft Office Services and Web apps

The patches for Edge, ChakraCore, and Internet Explorer are all critical, and should be applied as soon as possible.

You can also access complete reports on both this month’s security updates and non-security updates from Microsoft.

As with other Microsoft Patch Tuesdays, Adobe has published some security fixes, this time with two security updates to combat remote code execution flaws in Adobe Flash Player:

  • CVE-2018-4919
  • CVE-2018-4920

At the time of writing this blog, the most updated version of Adobe Flash Player is v 29.0.0.113.

Free webinar: Discussing Patch Tuesday vulnerabilities and security bulletins

If you’re looking to explore these 74 security updates in detail, join our security experts on March 15th for a detailed analysis of this month’s vulnerabilities—their CVE ID’s—and security bulletins. 

Register now

If you don’t have an automated patch deployment procedure, it’s high time to employ one. To provide you with any assistance you might need, ManageEngine offers two solutions for automatically deploying patches: Desktop Central and Patch Manager Plus. If you use either of these, you’ll be able to sit back and watch your network’s vulnerabilities fade away, leaving you to focus on more important tasks.you’ll not only bring your patches up to date, but you’ll be able to forget about future Patch Tuesday updates since these updates will be automatically applied as they’re released.

Download Desktop Central

Download Patch Manager Plus

If you’d like to try a personalized demo of either of these products, feel free to reach out to our support team at cms-eval@manageengine.com to get started.