[English]Microsoft hat am 13. Februar 2018 eine Reihe Sicherheits-Updates für Windows und andere Produkte freigegeben. Nachfolgend findet sich eine kurze Übersicht.
Anzeige
Details zu diesen Sicherheits-Updates finden sich im Microsoft Security TechCenter. Zudem werde ich die Updates in separaten Blog-Beiträgen dokumentieren.
Critical Security Updates
ChakraCore
Microsoft Edge
Internet Explorer 9
Internet Explorer 11
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation)
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server, version 1709 (Server Core Installation)
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Important Security Updates
Microsoft Office Word Viewer
Microsoft Project Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Moderate Security Updates
Internet Explorer 10
Anzeige
Liste der geschlossenen Sicherheitslücken
Hier noch die Liste (siehe auch hier) aller 50 Sicherheitslücken, die geschlossen wurden. Details folgen in separaten Artikeln.
| Tag | CVE ID | CVE Title |
|---|---|---|
| Side-Channel | ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities |
| Adobe Flash Player | ADV180004 | February 2018 Adobe Flash Security Update |
| Common Log File System Driver | CVE-2018-0844 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Common Log File System Driver | CVE-2018-0846 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Device Guard | CVE-2018-0827 | Windows Security Feature Bypass Vulnerability |
| Graphic Fonts | CVE-2018-0855 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0755 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0760 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0761 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Internet Explorer | CVE-2018-0866 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Browsers | CVE-2018-0840 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2018-0839 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Edge | CVE-2018-0771 | Microsoft Edge Security Feature Bypass Vulnerability |
| Microsoft Edge | CVE-2018-0763 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-0869 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0864 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0852 | Microsoft Outlook Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0851 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0850 | Microsoft Outlook Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0853 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-0841 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0859 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0860 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0861 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0858 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0836 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0835 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0837 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0838 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0856 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0857 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0834 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2018-0822 | Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0823 | Named Pipe File System Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0825 | StructuredQuery Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2018-0828 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0826 | Windows Storage Services Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0821 | Windows AppContainer Elevation Of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0847 | Windows Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2018-0820 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0831 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0832 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0830 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0829 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0757 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0742 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0756 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0809 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0810 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0843 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0842 | Windows Remote Code Execution Vulnerability |
| Windows SMB Server | CVE-2018-0833 | Windows Denial of Service Vulnerability |
Microsoft Security Advisory Notification 13. Februar 2018
Microsoft Security Advisory ADV180002 Updated on February 13
– Title: Guidance to mitigate speculative execution side-channel
vulnerabilities
– https:https://portal.msrc.microsoft.com/en-US/security-guidance/
advisory/ADV180002
– Reason for Revision: Microsoft has released security updates to
provide additional protections for the 32-bit (x86) versions of
Windows 10 as follows: 4074596 for Windows 10, 4074591 for Windows
10 Version 1511, 4074590 for Windows 10 Version 1607, and 4074592
for Windows 10 Version 1703. Microsoft recommends that customers
running 32-bit systems install the applicable update as soon as
possible. Microsoft continues to work to provide 32-bit (x86)
protections for other supported Windows versions but does not
have a release schedule at this time. These update will be
included in subsequent updates, and do not apply to x64
(64-bit) systems. Added a section under Advisory Details to
announce that Microsoft has released mitigations for Windows
Holographic to Microsoft HoloLens customers that are provided
automatically as part of the February 2018 Windows Security
Update to Windows 10 Version 1607 for HoloLens. HoloLens
customers do not need to take any additional action to update
their device firmware. Added FAQ#12 and FAQ#13 to provide
further information for installing the February 2018
security updates.
Ähnliche Artikel:
Adobe Flash Player Update 28.0.0.161
Update KB4074595 (Flash Player) für Windows
Flash Player in Chrome oder Slimjet aktualisieren
Microsoft Patchday schließt Remote Code Execution-Lücken
Microsoft Office Patchday (6. Februar 2018)
Weitere Updates zum Microsoft Februar 2018-Patchday
Anzeige
Das Update KB4011711 für Outlook verursacht unter Windows XP dasselbe Problem wie das Update KB4011273 aus dem Vormonat.
Outlook lässt sich unter XP dann nicht mehr starten.
Nach der deinstallation geht alles wieder.
Im Mac Word 2016 Deutsch Version 16.x funktionieren einige Tabellenformeln nicht mehr (Syntaxfehler).
Diese Formel funktionierte in Version 15.x noch: {=PRODUCT(ROUND(PRODUCT(sub_total,0.08,0.2),2),5) \# "#'##0.00"}
Diese Formel funktioniert auch in V16 noch: {=sum(über) \# "#'##0.00"}
aber {=summe(über) \# "#'##0.00"} funktioniert nicht.