On January 9, 2018, Microsoft released its scheduled patch update for January 2018. This month's update covers vulnerabilities in Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server, ChakraCore, .NET Framework, .NET Core and ASP.NET Core.
On January 9, 2018, Adobe released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure.
Customers are advised to apply all patches as soon as possible. Microsoft January 2018 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/858123b8-25ca-e711-a957-000d3a33cf99 Adobe Security Bulletin APSB18-01 https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
ThreatCon Level 2
Medium : Increased alertness
This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating. Under this condition, a careful examination of vulnerable and exposed systems is appropriate, security applications should be updated with new signatures and/or rules as soon as they become available and careful monitoring of logs is recommended. Changes to the security infrastructure are not required.