Zum April-Patchday (11. April 2017) hat Microsoft eine Reihe kritischer Sicherheitsupdates für Windows, Flash, Office etc. freigegeben.
Anzeige
Hier die komprimierte Liste der Produkte, die ein Sicherheitsupdate über Windows Update erhalten.
Critical Adobe Flash Player
Critical Internet Explorer 10
Critical Internet Explorer 11
Critical Internet Explorer 9
Critical Microsoft Edge
Critical Microsoft .NET Framework 2.0 Service Pack 2
Critical Microsoft .NET Framework 3.5
Critical Microsoft .NET Framework 3.5.1
Critical Microsoft .NET Framework 4.5.2
Critical Microsoft .NET Framework 4.6
Critical Microsoft .NET Framework 4.6.1
Critical Microsoft .NET Framework 4.6.2
Critical Microsoft .NET Framework 4.6/4.6.1
Critical Microsoft .NET Framework 4.7
Critical Microsoft Office 2007 Service Pack 3
Critical Microsoft Office 2010 Service Pack 2 (32-bit editions)
Critical Microsoft Office 2010 Service Pack 2 (64-bit editions)
Critical Microsoft Office 2013 RT Service Pack 1
Critical Microsoft Office 2013 Service Pack 1 (32-bit editions)
Critical Microsoft Office 2013 Service Pack 1 (64-bit editions)
Critical Microsoft Office 2016 (32-bit edition)
Critical Microsoft Office 2016 (64-bit edition)
Critical Microsoft Outlook 2007 Service Pack 3
Critical Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Critical Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Critical Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Critical Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Critical Microsoft Outlook 2016 (32-bit edition)
Critical Microsoft Outlook 2016 (64-bit edition)
Critical Microsoft Outlook for Mac 2011
Critical Windows 10 for 32-bit Systems
Critical Windows 10 for x64-based Systems
Critical Windows 10 Version 1511 for 32-bit Systems
Critical Windows 10 Version 1511 for x64-based Systems
Critical Windows 10 Version 1607 for 32-bit Systems
Critical Windows 10 Version 1607 for x64-based Systems
Critical Windows 10 Version 1703 for 32-bit Systems
Critical Windows 10 Version 1703 for x64-based Systems
Critical Windows 7 for 32-bit Systems Service Pack 1
Critical Windows 7 for x64-based Systems Service Pack 1
Critical Windows 8.1 for 32-bit systems
Critical Windows 8.1 for x64-based systems
Critical Windows RT 8.1
Critical Windows Server 2008 for 32-bit Systems Service Pack 2
Critical Windows Server 2008 for 32-bit Systems Service Pack 2
(Server Core installation)
Critical Windows Server 2008 for Itanium-Based Systems Service
Pack 2
Critical Windows Server 2008 for x64-based Systems Service
Pack 2
Critical Windows Server 2008 for x64-based Systems Service
Pack 2 (Server Core installation)
Critical Windows Server 2008 R2 for Itanium-Based Systems
Service Pack 1
Critical Windows Server 2008 R2 for x64-based Systems Service
Pack 1
Critical Windows Server 2008 R2 for x64-based Systems Service
Pack 1 (Server Core installation)
Critical Windows Server 2012
Critical Windows Server 2012 (Server Core installation)
Critical Windows Server 2012 R2
Critical Windows Server 2012 R2 (Server Core installation)
Critical Windows Server 2016
Critical Windows Server 2016 (Server Core installation)
Critical Windows Vista Service Pack 2
Critical Windows Vista x64 Edition Service Pack 2
Important Security Updates
============================
Important Microsoft Excel 2007 Service Pack 3
Important Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Important Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Important Microsoft Excel Web App 2010 Service Pack 2
Important Excel Services
Important Microsoft Office Compatibility Pack Service Pack 2
Important Microsoft Office Web Apps 2010 Service Pack 2
Important Microsoft Office Web Apps Server 2013 Service Pack 1
Important Office Online Server
Important Microsoft OneNote 2007 Service Pack 3
Important Microsoft OneNote 2010 Service Pack 2 (32-bit editions)
Important Microsoft OneNote 2010 Service Pack 2 (64-bit editions)
Important Microsoft Silverlight 5 Developer Runtime when installed
on Microsoft Windows (32-bit)
Important Microsoft Silverlight 5 Developer Runtime when installed
on Microsoft Windows (x64-based)
Important Microsoft Silverlight 5 when installed on Microsoft
Windows (32-bit)
Important Microsoft Silverlight 5 when installed on Microsoft
Windows (x64-based)
Important Mono Framework Version 4.8.1.0
Important Mono Framework Version 5.0.0.48
Anzeige
Links zu den einzelnen Update-Paketen finden sich auf dieser Microsoft Webseite.
Revidierte Updates
Zudem gibt es Revisionen früherer Sicherheitsupdates:
MS16-037
– Title: Cumulative Security Update for Internet Explorer (3148531)
– https://technet.microsoft.com/library/security/ms16-037.aspx
– Reason for Revision: Bulletin revised to announce the release
of a new Internet Explorer cumulative update (4014661) for
CVE-2016-0162. The update adds to the original release to
comprehensively address CVE-2016-0162. Microsoft recommends that
customers running the affected software install the security
update to be fully protected from the vulnerability described
in this bulletin. See Microsoft Knowledge Base Article 4014661
for more information.
– Originally posted: April 12, 2016
– Updated: April 11, 2017
– Bulletin Severity Rating: Critical
– Version: 2.0
MS17-013
– Title: Security Update for Microsoft Graphics Component (4013075)
– https://technet.microsoft.com/library/security/ms17-013.aspx
– Reason for Revision: Bulletin revised to announce the release of
update 4017018 for Windows Vista and Windows Server 2008. The
update replaces update 4012583 for CVE-2017-0038 only, to
comprehensively address the vulnerability. Microsoft recommends
that customers running the affected software install the security
update to be fully protected from the vulnerability described in
this bulletin. See Microsoft Knowledge Base Article 4017018 for
more information.
– Originally posted: March 14, 2017
– Updated: April 11, 2017
– Bulletin Severity Rating: Critical
– Version: 2.0
MS17-014
– Title: Security Update for Microsoft Office (4013241)
– https://technet.microsoft.com/library/security/ms17-014.aspx
– Reason for Revision: To comprehensively address CVE-2017-0027 for
Office for Mac 2011 only, Microsoft is releasing security update
3212218. Microsoft recommends that customers running Office for
Mac 2011 install update 3212218 to be fully protected from this
vulnerability. See Microsoft Knowledge Base Article 3212218 for
more information.
– Originally posted: March 14, 2017
– Updated: April 11, 2017
– Bulletin Severity Rating: Important
– Version: 2.0
MS17-021
– Title: Security Update for Windows DirectShow (4010318)
–
– Reason for Revision: Bulletin revised to announce that the security
updates that apply to CVE-2017-0042 for Windows Server 2012 are now
available. Customers running Windows Server 2012 should install
update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be
fully protected from this vulnerability. Customers running other
versions of Microsoft Windows do not need to take any further
action.
– Originally posted: March 14, 2017
– Updated: April 11, 2017
– Bulletin Severity Rating: Important
– Version: 2.0
MS16-APR
– Title: Microsoft Security Bulletin Summary for April 2016
– https://technet.microsoft.com/library/security/ms16-apr.aspx
– Reason for Revision: V3.0 (April 11, 2016): For MS16-037,
Bulletin Summary revised to announce the release of a new
Internet Explorer cumulative update (4014661) for CVE-2016-0162.
The update adds to the original release to comprehensively address
CVE-2016-0162. Microsoft recommends that customers running the
affected software install the security update to be fully protected
from the vulnerability described in this bulletin. See Microsoft
Knowledge Base Article 4014661 for more information.
– Originally posted: April 12, 2016
– Updated: April 11, 2016
– Bulletin Severity Rating: Not applicable
– Version: 3.0
MS17-MAR
– Title: Microsoft Security Bulletin Summary for March 2017
– https://technet.microsoft.com/library/security/ms17-mar.aspx
– Reason for Revision: V2.0 (April 11, 2016): For MS17-013,
Bulletin Summary revised to announce the release of update 4017018
for Windows Vista and Windows Server 2008. The update replaces
update 4012583 for CVE-2017-0038 only, to comprehensively address
the vulnerability. Microsoft recommends that customers running the
affected software install the security update to be fully protected
from the vulnerability described in this bulletin. See Microsoft
Knowledge Base Article 4017018 for more information.
For MS17-014, to comprehensively address CVE-2017-0027 for Office for
Mac 2011 only, Microsoft is releasing security update 3212218.
Microsoft recommends that customers running Office for Mac 2011
install update 3212218 to be fully protected from this vulnerability.
See Microsoft Knowledge Base Article 3212218 for more information.
For MS17-021, security updates that apply to CVE-2017-0042 for
Windows Server 2012 are now available. Customers running Windows Server
2012
should install update 4015548 (Security Only) or 4015551 (Monthly
Rollup)
to be fully protected from this vulnerability. Customers running other
versions of Microsoft Windows do not need to take any further action.
– Originally posted: March 14, 2017
– Updated: April 11, 2016
– Bulletin Severity Rating: Not applicable
– Version: 2.0
Updates für Windows 10
Für die einzelnen Windows 10-Builds stehen zum Patchday 11. April 2017 die Sicherheitsupdates KB4015583 (Windows 10 Version 1703), KB4015217 (Windows 10 Version 1607), KB4015219 (Windows 10 Version 1511) und KB4015221 (Windows 10 RTM) bereit.
Updates für Windows 8.1
Für Windows 8.1, Windows RT 8.1 und Windows Server 2012 R2 wurde das Update Rollup KB4015550 freigegeben. Dieses steht unter Windows Update oder im Microsoft Update Catalog bereit. Das Security only Update für Windows 8.1 ist KB4015547. Und das Security only Update KB4015548 wurde für Windows Server 2012 Standard freigegeben.
Updates für Windows 7.1
Für Windows 7 SP1 und Windows Server 2008 R2 SP1 wurde das Update Rollup KB4015549 freigegeben. Weiterhin gibt es noch das Security only Update KB4015546 für diese Windows-Versionen. Diese stehen über Windows Update (nur KB4015549) oder im Microsoft Update Catalog bereit.
Die einzelnen Updates werden in separaten Blog-Beiträgen dokumentiert (siehe folgende Links).
Ähnliche Artikel:
Adobe Flash-Update (11. April 2017)
Adobe Reader Sicherheits-Update (April 2017)
Windows 10: Sicherheitsupdates 11. April 2017
Windows 7/8.1: Sicherheitsupdates 11. April 2017
April 2017-Sicherheitsupdates für Office, IE und .NET
Anzeige
Welches Update ist das mit der mega-gefährlichen Lücke?
Das würde ich gerne kurzfristig pushen.
Ich würde sagen CVE-2017-0199, da die Sicherheitslücke kritisch ist und bereits ausgenutzt wird.
https://portal.msrc.microsoft.com/de-de/security-guidance/advisory/CVE-2017-0199
Also Kb3178710 (Office 2013) bzw. Kb3178703 (Office 2016) iVm zB. Kb4015546 (April 2017 – Securtiy Update für Windows 7).
Das ist natürlich nicht was ich will.
Kb4015546 wird sicherlich nicht vor Anfang nächster Woche ausgerollt. Egal wie schwer die Lücke ist.
Danke für die Infos lieber Günter.
Und wieder der Hinweis für alle, die manuell nur die Security Only Updates patchen: Der Internet Explorer Patch ist dann separat einzuspielen, erhältlich im Update Catalog.
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4014661
Das "Only Update" für Win 8.1 wäre KB4015547.
Gruß
"Updates für Windows 8.1", KB4015548
ist im upd-Catalog als für "Windows 8 Embedded" gelistet. Ungleich 8.1?!
Letzten Monat reichte die Installation des "Security only Update" aus, konnte das größere Update Rollup vernachlässigt werden. Ist das noch so und welches ist "Security only Update" für win8.1?
merzi. :)
gefunden, sec-only für 8.1 ist KB4015547. allet etwas verworren… ;)