News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Tuesday patches start rolling out

    Posted on February 12th, 2019 at 12:14 woody Comment on the AskWoody Lounge

    Martin Brinkmann is out with his usual monthly overview

    • Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
    • Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
    • Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

    All versions of Windows, all versions of Server, Edge, IE, Office, .NET, and much more.

    May the odds be forever in your.. oh, nevermind.

    Dustin Childs has his Zero Day Initiative post – always good reading.

    …security patches for 77 CVEs along with three new advisories.

    Of these 74 CVEs, 20 are rated Critical, 54 are rated Important, and three are rated Moderate in severity. A total of 21 of these CVEs came through the ZDI program. Four of these bugs are listed as public and one is listed as being under active attack at the time of release.

    The actively exploited vulnerability:

    An attacker could use this to check for files on a target system if a user browses [with Internet Explorer] to a specially crafted website. Microsoft doesn’t list how this bug is being exploited in the wild, but it’s likely restricted to targeted attacks.

    And of course you aren’t using IE. Right?

    There are new Servicing Stack Updates for:
    Win10 v1607  KB 4485447
    Win10 v1703  KB 4487327
    Win10 v1709  KB 4485448
    Win10 v1803  KB 4485449
    Servicing stack updates only count if you manually install the Windows 10 cumulative updates. And, of course, you followed my Block Monday advice and wouldn’t dream of installing any patches, much less manually install Win10 cumulative updates.
    February 2019 Security Updates for Microsoft Office 2010, Office 2013, Office 2016, the Office Viewers, and SharePoint Servers are available on the Office Support Pages. These Updates are for the .msi versions of Office, not Office 365 or C2R.
    If that helped, take a second to support AskWoody on Patreon