Jump to content


Photo

MS Security Updates - June 2018


  • Please log in to reply
3 replies to this topic

#1 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,431 posts

Posted 10 June 2018 - 10:53 PM

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: June 7, 2018
********************************************************************

Security Advisories Released or Updated on June 7, 2018
===================================================================

* Microsoft Security Advisory 180014

- Title: June 2018 Adobe Flash Security Update
- https://portal.msrc....urity-guidance/
securityadvisories/2018/180014
- Reason for Revision: Information published.
- Originally posted: June 7, 2018
- Version: 1.0


Other Information
=================


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#2 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,431 posts

Posted 14 June 2018 - 09:37 PM

********************************************************************

Title: Microsoft Security Update Releases
Issued: June 12, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2018-0976
* CVE-2018-1003
* CVE-2018-8136

Revision Information:
=====================

- CVE-2018-0976 | Windows Remote Desktop Protocol (RDP) Denial of
Service Vulnerability
- »portal.msrc.microsoft.co ··· guidance
- Reason for Revision: Microsoft is re-releasing security update
4093227 for all supported versions of Windows Server 2008 Service
Pack 2 to address a signing issue experienced by some customers.
Customers should reinstall this new update.
- Originally posted: April 10, 2018
- Updated: June 12, 2018
- Aggregate CVE Severity Rating: Important
- Version: 2.0

- CVE-2018-1003 | Microsoft JET Database Engine Remote Code
Execution Vulnerability
- »portal.msrc.microsoft.co ··· guidance
- Reason for Revision: Revised the Affected Products table to
include Windows 10 Version 1803 for 32-bit System, Windows 10
Version 1803 for x64-based Systems, and Windows Server
version 1803 (Server Core installation) because they are
affected by CVE-2018-1003. Microsoft recommends that
customers running Windows 10 Version 1803 install update
4284835 to be protected from this vulnerability.
- Originally posted: April 10, 2018
- Updated: June 12, 2018
- Aggregate CVE Severity Rating: Important
- Version: 2.0

- CVE-2018-8136 | Windows Remote Code Execution Vulnerability
- »portal.msrc.microsoft.co ··· guidance
- Reason for Revision: CVE revised to announce the availability
of security update 4130956 for Windows Server 2008. See
Microsoft Knowledge Base Article 4130956 for more information.
- Originally posted: May 5, 2018
- Updated: June 12, 2018
- Aggregate CVE Severity Rating: Low
- Version: 2.0


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#3 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,431 posts

Posted 14 June 2018 - 09:47 PM

Description of the security update for Outlook 2016: June 12, 2018

Applies to: Outlook 2016
Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2018-8244.

Note To apply this security update, you must have the release version of Microsoft Outlook 2016 installed on the computer.

Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home (see Determining your Office version).

Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issues:
  • When you open and edit a document that is stored in a folder in Outlook 2016, the changes are not saved.
  • Sync Slider settings do not work for group conversations.

  • When you send an RTF-formatted email message that has attachments in online mode of Outlook 2016, one or more attachments may become corrupted.

  • This update improves the translation about forwarding a meeting in Outlook 2016 for all languages.

  • After the primary email address of a user profile is changed, Outlook 2016 still shows the old SMTP address for the user profile.

  • When you open a digitally signed email message from the Sent folder and send it again in Outlook 2016, Outlook 2016 may crash.

  • If the PR_EMSMDB_CRED_USERNAME property is not present in user profiles, some users may experience too many calls to the user principal name (UPN) lookup. To fix this issue, follow the instructions in KB 4022165.

  • You cannot attach local network items through the recent items list in Outlook 2016 if the Internet connection is unavailable.

  • Some cloud attachments that have certain file names are invisible in email messages.

  • After a cross-forest migration or a migration to Microsoft Office 365, some users who have existing profiles cannot send email messages.

  • If you add an attachment to an RTF-formatted email message through copy and paste (drag-and-drop) in Outlook 2016, the attachment may be lost when you send the email.

  • After you install or update an Outlook add-in in Outlook 2016, multiple network calls (getAppManifest calls) will be made to retrieve Exchange add-in manifest data.

How to get and install the update
Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: June 12, 2018.

Security update replacement information

This security update replaces previously released security update KB 4011682.


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,431 posts

Posted 14 June 2018 - 09:49 PM

Microsoft Security Advisory Notification Issued: June 13, 2018

********************************************************************

Title: Microsoft Security Advisory Notification
Issued: June 13, 2018
********************************************************************

Security Advisories Released or Updated on June 13, 2018
===================================================================
* Microsoft Security Advisory 180016

- Title: Microsoft Guidance for Lazy FP State Restore
- »portal.msrc.microsoft.co ··· uidance/
advisory/ADV180016
- Reason for Revision: Information published.
- Originally posted: June 13, 2018
- Updated: N/A
- Version: 1.0

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





Member of ASAP and UNITE
Support SpywareInfo Forum - click the button