News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • September Windows/Office security patches

    Posted on September 11th, 2018 at 12:29 woody Comment on the AskWoody Lounge

    Martin Brinkmann has his usual comprehensive (and fast!) list on ghacks.net. Summary:

    Operating System Distribution

    • Windows 7: 18 vulnerabilities of which 3 are critical and 15 are important.
    • Windows 8.1: 22 vulnerabilities of which 4 are critical and 18 are important.
    • Windows 10 version 1703: 25 vulnerabilities of which 5 are critical and 18 are important. (extra critical is CVE-2018-0965)
    • Windows 10 version 1709: 24 vulnerabilities of which 4 are critical and 20 are important.
    • Windows 10 version 1803: 29 vulnerabilities of which 5 are critical and 24 are important. (extra critical is CVE-2018-0965)

    Windows Server products

    • Windows Server 2008 R2: 18 vulnerabilities of which 3 are critical and 15 are important.
    • Windows Server 2012 R2: 22 vulnerabilities of which 4 are critical and 18 are important.
    • Windows Server 2016: 25 vulnerabilities of which 5 are critical and 20 are important.

    Other Microsoft Products

    • Internet Explorer 11: 6 vulnerabilities, 3 critical, 3 important
    • Microsoft Edge: 13 vulnerabilities, 7 critical, 6 important

    I see 127 individual patches in the Microsoft Update Catalog.

    47 entries in the Security Updates Summary.

    Office 365 has a new Click to Run version. For those of you with installed (“MSI”) versions of Office, there’s a long list of new patches which includes 2010, 2013, 2016, Office viewers and Share Point Servers. (Thx @PKCano.)

    Official Release notes include two new advisories.

    There’s a servicing stack update for Win10 1803. If you install updates through Windows Update, that doesn’t matter — but if you are manually downloading and installing 1803 updates, be sure to snag KB 4456655 first.

    UPDATE: The SANS Internet Storm Center list is up.

    If that helped, take a second to support AskWoody on Patreon