[English]Zum 9. Oktober 2018 hat Microsoft wieder zahlreiche Sicherheitsupdates für Windows-Clients und –Server, für Office etc. freigegeben. Hier ein kompakter Überblick.
Anzeige
Die Liste wurde auf seclists.org veröffentlicht. Eine weitere Liste der Updates findet sich auf dieser Microsoft-Seite. Details zu den Update-Paketen für Windows, Office etc. gibt es in separaten Blog-Beiträgen.
********************************************************************
Microsoft Security Update Summary for October 9, 2018
Issued: October 9, 2018
********************************************************************
This summary lists security updates released for October 9, 2018.
Complete information for the October 2018 security update release can
Be found at <https://portal.msrc.microsoft.com/en-us/security-guidance>.
Anzeige
Please note the following information regarding the security updates:
* Customers running Windows 7 or Windows Server 2008 R2 need to
ensure they have Servicing Stack Update (SSU) 3177467 installed
before installing the October 2018 security updates, to avoid a
failure to install. See [Microsoft Knowledge Base Article
3177467](https://support.microsoft.com/en-us/help/3177467) for more
information about this SSU.
* Windows 10 updates are cumulative. The monthly security release
includes all security fixes for vulnerabilities that affect Windows 10,
in addition to non-security updates. The updates are available via
the [Microsoft Update
Catalog](http://catalog.update.microsoft.com/v7/site/Home.aspx).
* Starting in March 2017, a delta package will be available on the
Microsoft Update Catalog for Windows 10 version 1607 and newer. This
delta package contains just the delta changes between the previous
month and the current release.
* Updates for Windows RT 8.1 and Microsoft Office RT software are
only available via [Windows
Update](http://go.microsoft.com/fwlink/?LinkId=21130).
* For information on lifecycle and support dates for Windows 10
operating systems, please see [Windows Lifecycle Facts
Sheet](https://support.microsoft.com/en-us/help/13853/windows-
lifecycle-fact-sheet).
* In addition to security changes for the vulnerabilities, updates
include defense-in-depth updates to help improve security-related
features.
Critical Security Updates
ChakraCore
Internet Explorer 11
Microsoft Edge
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 version 1709 for 32-bit Systems
Windows 10 version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server, version 1709 (Server Core Installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Important Security Updates
Hub Device Client SDK for Azure IoT
Azure IoT Edge
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2016 for Mac
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Office 365 ProPlus for 32-bit Systems
Office 365 ProPlus for 64-bit Systems
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft Office Word Viewer
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions)
Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions)
Microsoft PowerPoint 2013 RT Service Pack 1
Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions)
Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions)
Microsoft PowerPoint 2016 (32-bit edition)
Microsoft PowerPoint 2016 (64-bit edition)
Microsoft PowerPoint Viewer 2007
PowerPoint Viewer 2010 32-bit edition
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft Exchange Server 2010 Service Pack 3
Microsoft Exchange Server 2013
Microsoft Exchange Server 2013 Cumulative Update 21
Microsoft Exchange Server 2016
Microsoft Exchange Server 2016 Cumulative Update 10
SQL Server Management Studio 17.9
SQL Server Management Studio 18.0 (Preview 4)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision increment:
* CVE-2018-8531
Revision Information:
=====================
– CVE-2018-8531
Azure IoT Device Client SDK Memory Corruption
Vulnerability
– Reason for Revision: In the Security Updates table, corrected
the links to the Release Notes and Security Update for Hub Device
Client SDK for Azure IoT. This is an informational change only.
– Originally posted: October 9, 2018
– Updated: October 9, 2018
– Aggregate CVE Severity Rating: Important
– Version: 1.1
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE been added to the October 2018 Security updates:
* CVE-2018-8292
Revision Information:
=====================
– CVE-2018-8292 | .NET Core Information Disclosure Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Information published. CVE-2018-8292 has
been added to the October 2018 Security Updates.
– Originally posted: October 9, 2018
– Aggregate CVE Severity Rating: Important
– Version: 1.0
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following bulletin has undergone a major revision increment:
* MS11-025
Revision Information:
=====================
– https://docs.microsoft.com/en-us/security-updates/
SecurityBulletins/2011/ms11-025:
CVE-2010-3190 | MFC Insecure Library Loading Vulnerability
– Reason for Revision: Added Exchange Servers to the Affected
Products table. Customers who have any supported Exchange Server
installed (Microsoft Exchange Server 2010 Service Pack 3,
Microsoft Exchange Server 2013, Microsoft Exchange Server 2016)
should reinstall KB2565063.
– Originally posted: April 12, 2011
– Updated: October 9, 2018
– Aggregate CVE Severity Rating: Important
– Version: 5.0
Ähnliche Artikel:
Adobe Flash Player: Update Version 31.0.0.122
Microsoft Security Update Summary 9. Oktober 2018
Patchday Windows 10-Updates (9. Oktober 2018)
Patchday: Updates für Windows 7/8.1/Server 9. Okt. 2018
Patchday Microsoft Office Updates (9. Oktober 2018)
Microsoft Patchday: Weitere Updates zum 9. Oktober 2018
Anzeige
Bei dem Oktober Rollup zu .Net Framework gibt es scheinbar Probleme, denn es wird von keiner Windows 7 Maschiene angefordert, aber der WSUS sagt dass das Update installiert worden wäre (Update steht im WSUS sogar auf noch für gar keine Gruppe genehmigt); das passt auch dazu dass es kein Security only Update für .Net Framework gibt