Jump to content


Photo

MS Security Updates - September 2018


  • Please log in to reply
1 reply to this topic

#1 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,468 posts

Posted 16 September 2018 - 09:51 AM

********************************************************************

Title: Microsoft Security Advisory Notification

Issued: September 11, 2018

********************************************************************

 

Security Advisories Released or Updated on September 11, 2018

===================================================================

 

* Microsoft Security Advisory ADV180002

 

 - Title: Guidance to mitigate speculative execution

   side-channel vulnerabilities

 - https://portal.msrc....urity-guidance/

   advisory/ADV180002

 - Reason for Revision: The following updates have been made:

  1. Microsoft has released security update 4457128 for Windows

   10 Version 1803 for ARM64-based Systems to provide protection

   against CVE-2017-5715. See the Affected Products table for links

   to download and install the update. Note that this update is also

   available via Windows Update. 2. Added FAQ #19 to explain where

   customer can find and install ARM64 firmware that address

   CVE-2017-5715 - Branch target injection (Spectre, Variant 2).

 - Originally posted: January 3, 2018

 - Updated: September 11, 2018

 - Version: 25.0

 

 

* Microsoft Security Advisory ADV180018

 

 - Title: Microsoft guidance to mitigate L1TF variant

 - https://portal.msrc....urity-guidance/

   advisory/ADV180018

 - Reason for RevisioMicrosoft is announcing the release of

   Monthly Rollup 4458010 and Security Only 4457984 for Windows

   Server 2008 to provide additional protections against the

   speculative execution side-channel vulnerability known as L1

   Terminal Fault (L1TF) that affects IntelB. CoreB. processors and

   IntelB. XeonB. processors (CVE-2018-3620 and CVE-2018-3646).

   Customers running Windows Server 2008 should install either

   4458010 or 4457984 in addition to Security Update 4341832, which

   was released on August 14, 2018. See [Windows Server 2008 SP2

   servicing changes](https://cloudblogs.m...m/windowsserver

   /2018/06/12/windows-server-2008-sp2-servicing-changes/) for

   more information. In addition, a note has been added to FAQ #2

   to provide further information regarding enabling the mitigation

   for CVE-2017-5754 (Meltdown).

 - Originally posted: August 14, 2018

 - Updated: September 11, 2018

 - Version: 4.0

 

 

Other Information

=================


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#2 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,468 posts

Posted 16 September 2018 - 09:53 AM

********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: September 12, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a minor revision increment:

* CVE-2018-8421
* CVE-2018-8468

Revision Information:
=====================

- CVE-2018-8421 | .NET Framework Remote Code Execution
Vulnerability
- https://portal.msrc....urity-guidance/
advisory/CVE-2018-8421
- Reason for Revision: Corrected vulnerability description.
This is an informational change only.
- Originally posted: September 11, 2018
- Updated: September 12, 2018
- Aggregate CVE Severity Rating: Critical
- Version: 1.1


- CVE-2018-8468 | Windows Elevation of Privilege Vulnerability
- https://portal.msrc....urity-guidance/
advisory/CVE-2018-8468
- Reason for Revision: Corrected vulnerability description.
This is an informational change only.
- Originally posted: September 11, 2018
- Updated: September 12, 2018
- Aggregate CVE Severity Rating: Important
- Version: 1.1


Other Information
=================


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





Member of UNITE
Support SpywareInfo Forum - click the button