Microsoft Security Bulletin(s) for February 2018

Discussion in 'update alerts' started by NICK ADSL UK, Feb 13, 2018.

  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,277
    Location:
    UK
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,277
    Location:
    UK
    Microsoft Security Bulletin(s) for February 2018
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).
    Note: Microsoft Security Response Centre and Security TechCenter are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


    Release Notes
    https://portal.msrc.microsoft.com/e...tedetail/879af9c3-970b-e811-a961-000d3a33c573

    February 2018 Security Updates

    Release Date: February 13, 2018

    The February security release consists of security updates for the following software:
    •Internet Explorer
    •Microsoft Edge
    •Microsoft Windows
    •Microsoft Office and Microsoft Office Services and Web Apps
    •ChakraCore
    •Adobe Flash
    Please note the following information regarding the security updates:
    •Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
    http://catalog.update.microsoft.com/v7/site/Home.aspx

    •Starting in March 2017, a delta package will be available on the Microsoft Update Catalog for Windows 10 version 1607 and newer. This delta package contains just the delta changes between the previous month and the current release.
    •Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
    http://go.microsoft.com/fwlink/?LinkId=21130


    •In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    •After May 9, 2017, customers running Windows 10 version 1507 will no longer receive security and quality updates, with the exception of the Windows 10 2015 LTSB and the Windows 10 IoT Enterprise 2015 LTSB editions. Microsoft recommends that customers with devices running other editions of Windows 10 version 1507 that are no longer supported update these devices to the latest version of Windows 10. For more information see Microsoft Knowledge Base Article 4015562.
    https://support.microsoft.com/help/4015562
     
    Last edited: Feb 13, 2018
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,277
    Location:
    UK
    ********************************************************************
    Title: Microsoft Security Advisory Notification
    Issued: February 13, 2018
    ********************************************************************

    Security Advisories Released or Updated on February 13
    ===================================================================

    * Microsoft Security Advisory ADV180002

    - Title: Guidance to mitigate speculative execution side-channel
    vulnerabilities
    - https:https://portal.msrc.microsoft.com/en-US/security-guidance/
    advisory/ADV180002
    - Reason for Revision: Microsoft has released security updates to
    provide additional protections for the 32-bit (x86) versions of
    Windows 10 as follows: 4074596 for Windows 10, 4074591 for Windows
    10 Version 1511, 4074590 for Windows 10 Version 1607, and 4074592
    for Windows 10 Version 1703. Microsoft recommends that customers
    running 32-bit systems install the applicable update as soon as
    possible. Microsoft continues to work to provide 32-bit (x86)
    protections for other supported Windows versions but does not
    have a release schedule at this time. These update will be
    included in subsequent updates, and do not apply to x64
    (64-bit) systems. Added a section under Advisory Details to
    announce that Microsoft has released mitigations for Windows
    Holographic to Microsoft HoloLens customers that are provided
    automatically as part of the February 2018 Windows Security
    Update to Windows 10 Version 1607 for HoloLens. HoloLens
    customers do not need to take any additional action to update
    their device firmware. Added FAQ#12 and FAQ#13 to provide
    further information for installing the February 2018
    security updates.

    - Originally posted: January 3, 2018
    - Updated: February 13, 2018
    - Version: 12.0
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,277
    Location:
    UK
    Title: Microsoft Security Update Releases
    Issued: February 16, 2018
    ********************************************************************

    Summary
    =======

    The following CVEs have undergone a major revision increment:

    * CVE-2018-0810

    Revision Information:
    =====================

    - https://portal.msrc.microsoft.com/en-us/security-guidance/
    advisory/CVE-2018-0810
    - Version: 2.0
    - Reason for Revision: Revised the Affected Products table to
    include Windows Server 2008 R2 for x64-based Systems Service
    Pack 1 and Windows Server 2008 R2 for Itanium-based Systems
    Service Pack 1 because they are affected by CVE-2018-0810.
    Microsoft recommends that customers running Windows Sever
    2008 R2 should install Monthly Rollup 4074598 or Security
    Update 4074587 to be protected from this vulnerability.
    - Originally posted: February 13, 2018
    - Updated: Febraury 14, 2018
    - Aggregate CVE Severity Rating: Important


    * CVE-2018-0831

    Revision Information:
    =====================

    - https://portal.msrc.microsoft.com/en-us/security-guidance/
    advisory/CVE-2018-0831
    - Version: 3.0
    - Reason for Revision: Revised the Affected Products table to
    include Windows 10 Version 1709 for x64-based Systems because it
    is affected by CVE-2018-0831. Microsoft recommends that customers
    running Windows 10 Version 1709 should install update 4074588 to
    be protected from this vulnerability.
    - Originally posted: February 13, 2018
    - Updated: Febraury 14, 2018
    - Aggregate CVE Severity Rating: Important
     
Loading...