- CVE-2018-0886 — a remote code execution (RCE) vulnerability in Microsoft’s Credential Security Support Provider protocol (CredSSP), the authentication provider that handles authentication requests for Remote Desktop Protocol (RDP) and for Windows Remote Management (WinRM), which allows operating systems to interoperate and underpins PowerShell remoting. An attacker who can place themselves as a man in the middle between a CredSSP client and server can abuse the flaw to execute remote code and ultimately gain a foothold on targeted systems and servers in the network. Apart from applying the patch, system administrators are also advised to follow best practices for remote desktop clients (setting group policies, restricting permissions, etc.). Note that installing the update alone does not enforce the fix: it adds a Group Policy setting, Encryption Oracle Remediation (Computer Configuration > Administrative Templates > System > Credentials Delegation), which should be set to Mitigated or Force Updated Clients once every client and server in scope has been updated, since the Vulnerable level still allows fallback to the insecure protocol.
- CVE-2018-0940 — an elevation-of-privilege flaw in Microsoft Exchange’s Outlook Web Access (OWA) caused by links presented to users not being properly sanitized. Attacks that exploit it involve sending a specially crafted phishing email and overlaying the OWA interface with a fraudulent login page to trick unwitting victims into disclosing credentials or other personal information.
- CVE-2018-0930 — a memory corruption flaw in how the Chakra scripting engine handles objects in memory in Microsoft Edge. Successful exploitation lets the attacker execute arbitrary code with the same rights as the current user; if that user has administrative privileges, the attacker can take control of the system, install programs, read, modify or delete data, and create accounts. In a web-based attack scenario, the attacker creates and hosts, or compromises, a website containing an exploit for the flaw and then entices victims to visit it.
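To check where a host stands on the CVE-2018-0886 mitigation described above, here is an added PowerShell example (not part of the TrendLabs write-up) that audits the Encryption Oracle Remediation setting the update introduces and, on request, writes its registry equivalent. The registry path, value name and the meaning of values 0, 1 and 2 are the ones documented in Microsoft's advisory for CVE-2018-0886; the function names are this example's own. It also reports whether the default RDP listener requires Network Level Authentication, as a related hardening check. Run it in an elevated PowerShell session.

```powershell
# Added example; not part of the TrendLabs write-up. Audits and optionally sets the
# "Encryption Oracle Remediation" setting added by the CVE-2018-0886 update. The
# registry location below is the documented equivalent of the Group Policy at
# Computer Configuration > Administrative Templates > System > Credentials Delegation.
# Requires an elevated session.

$CredSspKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters'
$CredSspName = 'AllowEncryptionOracle'

# Documented meaning of each policy value.
$OracleLevels = @{
    0 = 'Force Updated Clients: clients refuse insecure fallback, servers reject unpatched clients'
    1 = 'Mitigated: clients refuse insecure fallback, servers still accept unpatched clients'
    2 = 'Vulnerable: insecure fallback allowed, CredSSP man-in-the-middle remains possible'
}

function Get-CredSspOracleRemediation {
    <# Reports the current AllowEncryptionOracle value and what it means. #>
    $item  = Get-ItemProperty -Path $CredSspKey -Name $CredSspName -ErrorAction SilentlyContinue
    $value = if ($null -ne $item) { [int]$item.$CredSspName } else { $null }

    $meaning = if ($null -eq $value) {
        # No explicit value: the OS default for the installed update level applies
        # (Vulnerable in the March 2018 release, Mitigated from the May 2018 update).
        'Not configured: OS default for the installed update level applies'
    } elseif ($OracleLevels.ContainsKey($value)) {
        $OracleLevels[$value]
    } else {
        "Unknown value $value"
    }

    [pscustomobject]@{
        Value                   = $value
        Meaning                 = $meaning
        # 0 or 1 stops this host's clients from falling back to the insecure protocol.
        ClientProtected         = ($value -eq 0 -or $value -eq 1)
        # Only 0 makes this host's services reject clients that lack the update.
        RejectsUnpatchedClients = ($value -eq 0)
        # File version of the patched component, for manual comparison with the advisory.
        CredSspDllVersion       = (Get-Item "$env:SystemRoot\System32\credssp.dll").VersionInfo.FileVersion
    }
}

function Set-CredSspOracleRemediation {
    <# Writes the registry equivalent of the Group Policy. Prefer Group Policy itself in
       domain environments; this is for standalone hosts or quick verification. #>
    param(
        [Parameter(Mandatory)]
        [ValidateSet(0, 1, 2)]
        [int]$Level
    )
    if (-not (Test-Path $CredSspKey)) {
        New-Item -Path $CredSspKey -Force | Out-Null
    }
    Set-ItemProperty -Path $CredSspKey -Name $CredSspName -Value $Level -Type DWord
    Get-CredSspOracleRemediation
}

function Get-RdpNlaRequirement {
    <# Related hardening check: does the default RDP listener require
       Network Level Authentication (UserAuthentication = 1)? #>
    $rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $nla = (Get-ItemProperty -Path $rdpKey -Name 'UserAuthentication' -ErrorAction SilentlyContinue).UserAuthentication
    [pscustomobject]@{
        RequiresNla = ($nla -eq 1)
        RawValue    = $nla
    }
}

# Usage: audit first, then tighten once every RDP/WinRM client and server in scope is patched.
Get-CredSspOracleRemediation | Format-List
Get-RdpNlaRequirement
# Set-CredSspOracleRemediation -Level 0
```

Move to level 0 (Force Updated Clients) only after confirming that every client and server that authenticates to this host has the update; otherwise unpatched clients will be refused, which is the documented behaviour of that level rather than a fault.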
Sunday, March 18, 2018
TrendLabs: March Patch Tuesday Fixes 75 Security Issues