Jump to content


Photo

MS Security Updates - October 2018


  • Please log in to reply
4 replies to this topic

#1 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,467 posts

Posted 06 October 2018 - 09:13 AM

********************************************************************

Title: Microsoft Security Update Releases

Issued: October 2, 2018

********************************************************************

 

Summary

=======

 

The following CVE has undergone a major revision increment:

 

* CVE-2018-0952

 

Revision Information:

=====================

 

 - CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of

   Privilege Vulnerability

 - https://portal.msrc....curity-guidance

 - Reason for Revision: Microsoft is announcing the release of

   security update 4463110 for Microsoft Visual Studio 2015 Update 3

   which replaces the previous security update (4456688). Customers

   running this version of Microsoft Visual Studio should install

   this security update.

 - Originally posted: August 14, 2018

 - Updated: October 2, 2018

 - Aggregate CVE Severity Rating: Important

 - Version: 3.0

 

Other Information

=================


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#2 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,467 posts

Posted 14 October 2018 - 12:49 PM

********************************************************************

Title: Microsoft Security Update Releases

Issued: October 9, 2018

********************************************************************

 

Summary

=======

 

The following bulletin has undergone a major revision increment:

 

* MS11-025

 

Revision Information:

=====================

 

 - https://docs.microso...curity-updates/

   SecurityBulletins/2011/ms11-025:

   CVE-2010-3190 | MFC Insecure Library Loading Vulnerability

 - Reason for Revision: Added Exchange Servers to the Affected

   Products table. Customers who have any supported Exchange Server

   installed (Microsoft Exchange Server 2010 Service Pack 3,

   Microsoft Exchange Server 2013, Microsoft Exchange Server 2016)

   should reinstall KB2565063.

 - Originally posted: April 12, 2011

 - Updated: October 9, 2018

 - Aggregate CVE Severity Rating: Important

 - Version: 5.0

 

Other Information


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#3 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,467 posts

Posted 14 October 2018 - 12:50 PM

********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************

Summary
=======

The following CVE been added to the October 2018 Security updates:

* CVE-2018-8292

Revision Information:
=====================

- CVE-2018-8292 | .NET Core Information Disclosure Vulnerability
- »portal.msrc.microsoft.co ··· guidance
- Reason for Revision: Information published. CVE-2018-8292 has
been added to the October 2018 Security Updates.
- Originally posted: October 9, 2018
- Aggregate CVE Severity Rating: Important
- Version: 1.0


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,467 posts

Posted 14 October 2018 - 12:55 PM

********************************************************************

Title: Microsoft Security Update Minor Revisions

Issued: October 9, 2018

********************************************************************

 

Summary

=======

 

The following CVE has undergone a minor revision increment:

 

* CVE-2018-8531

 

Revision Information:

=====================

 

 - CVE-2018-8531 | Azure IoT Device Client SDK Memory Corruption

   Vulnerability

 - https://portal.msrc....urity-guidance/

   advisory/CVE-2018-8531

 - Reason for Revision: In the Security Updates table, corrected

   the links to the Release Notes and Security Update for Hub Device

   Client SDK for Azure IoT. This is an informational change only.

 - Originally posted: October 9, 2018

 - Updated: October 9, 2018

 - Aggregate CVE Severity Rating: Important

 - Version: 1.1

 

Other Information

=================


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#5 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,467 posts

Posted 14 October 2018 - 12:58 PM

Microsoft Security Bulletin(s) for September 2018
 
Release Notes
September 2018 Security Updates
 
Release Date: September 11, 2018
 
The September security release consists of security updates for the following software:
 
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
Adobe Flash Player
.NET Framework
Microsoft.Data.OData
ASP.NET
 
Please note the following information regarding the security updates:
 
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
•Starting in March 2017, a delta package will be available on the Microsoft Update Catalog for Windows 10 version 1607 and newer. This delta package contains just the delta changes between the previous month and the current release.
•Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
•For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
•In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
 
The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.
 
 
 
Known Issues
 
 
  • 4457128
  • 4457144

    4458321

    https://portal.msrc....78-000d3a33c573


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





Member of UNITE
Support SpywareInfo Forum - click the button