Aktualisierte Microsoft Security Advisory-Informationen

Publiziert am 20. Juli 2018 von Günter Born

Microsoft hat am 19. Juli 2018 einige Sicherheitsinformationen (Microsoft Security Advisory Notification) überarbeitet. Zudem gab es Revisionen bei den Beschreibungen der Sicherheitsupdates. Hier ein Überblick, was sich geändert hat.

Anzeige

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 19, 2018
********************************************************************
Security Advisories Released or Updated on July 19, 2018
===================================================================

* Microsoft Security Advisory ADV180002

– Title: Guidance to mitigate speculative execution side-channel
   vulnerabilities
https://portal.msrc.microsoft.com/en-us/security-guidance/
     advisory/ADV180002
– Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Alternate
   Cumulative update packages for Windows 10, and Standalone and
   Preview Rollup packages for all other supported editions of
   Windows. These packages are available via Microsoft Update
   catalog, WSUS, or by manually searching Windows Update. Customers
   who are experiencing issues after installing the July Windows
   security updates should install the replacement packages as
   applicable. Please refer to the Affected Products table for the
   replacement package KB numbers. Customers who have successfully
   installed the security updates and who are not experiencing any
   issues do not need to take any action.
– Originally posted: January 3, 2018
– Updated: July 19, 2018
– Version: 22.0

* Microsoft Security Advisory ADV180016

Anzeige

– Title: Microsoft Guidance for Lazy FP State Restore
https://portal.msrc.microsoft.com/en-us/security-guidance/
    advisory/ADV180016
– Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Alternate
   Cumulative update packages for Windows 10, and Standalone and
   Preview Rollup packages for all other supported editions of
   Windows. These packages are available via Microsoft Update
   catalog, WSUS, or by manually searching Windows Update. Customers
   who are experiencing issues after installing the July Windows
   security updates should install the replacement packages as
   applicable. Please refer to the Affected Products table for the
   replacement package KB numbers. Customers who have successfully
   installed the security updates and who are not experiencing any
   issues do not need to take any action.
– Originally posted: June 13, 2018
– Updated: July 19, 2018
– Version: 3.0

********************************************************************
Title: Microsoft Security Update Releases
Issued: July 19, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2018-8202
* CVE-2018-8260
* CVE-2018-8284
* CVE-2018-8356
 
Revision Information:
=====================

https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for all supported editions of Windows 10. These
   packages are available via Microsoft Update catalog, WSUS, or by
   manually searching Windows Update. Customers who are experiencing
   issues after installing the July Windows security updates should
   install the replacement packages as applicable. Note that the
   Monthly Rollup and Security Only updates for .NET Framework are
   not affected. Please refer to the Affected Products table for the
   replacement package KB numbers. Customers who have successfully
   installed the security updates and who are not experiencing any
   issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 2.0

The following CVEs have undergone a major revision increment:

* CVE-2018-0949
* CVE-2018-8242
* CVE-2018-8287
* CVE-2018-8288
* CVE-2018-8291
* CVE-2018-8296

Revision Information:
=====================

https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for Windows 10, and Standalone and Preview Rollup
   packages for all other supported editions of Windows. These packages
   are available via Microsoft Update catalog, WSUS, or by manually
   searching Windows Update. Customers who are experiencing issues
   after installing the July Windows security updates should install
   the replacement packages as applicable. Note that the IE Cumulative
   updates are not affected. Please refer to the Affected Products
   table for the replacement package KB numbers. Customers who have
   successfully installed the security updates and who are not
   experiencing any issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 2.0

The following CVEs have undergone a major revision increment:

* CVE-2018-8125    * CVE-2018-8279    * CVE-2018-8301
* CVE-2018-8206    * CVE-2018-8280    * CVE-2018-8304
* CVE-2018-8222    * CVE-2018-8282    * CVE-2018-8307
* CVE-2018-8262    * CVE-2018-8286    * CVE-2018-8308
* CVE-2018-8274    * CVE-2018-8289    * CVE-2018-8309
* CVE-2018-8275    * CVE-2018-8290    * CVE-2018-8313
* CVE-2018-8276    * CVE-2018-8294    * CVE-2018-8314
* CVE-2018-8278    * CVE-2018-8297    * CVE-2018-8324
                * CVE-2018-8325

Revision Information:
=====================

https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for Windows 10, and Standalone and Preview Rollup
   packages for all other supported editions of Windows. These
   packages are available via Microsoft Update catalog, WSUS, or by
   manually searching Windows Update. Customers who are experiencing
   issues after installing the July Windows security updates should
   install the replacement packages as applicable. Please refer to the
   Affected Products table for the replacement package KB numbers.
   Customers who have successfully installed the security updates and
   who are not experiencing any issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Critical
– Version: 2.0

The following CVE has undergone a major revision increment:

* CVE-2018-8356

Revision Information:
=====================

https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Affected Products table to
   include PowerShell Core 6.0 and PowerShell Core 6.1 because
   these products are affected by CVE-2018-9356. See
   https://github.com/PowerShell/Announcements/issues/6 for
   more information.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 3.0

Anzeige
Dieser Beitrag wurde unter Sicherheit abgelegt und mit verschlagwortet. Setze ein Lesezeichen auf den Permalink.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Hinweis: Bitte beachtet die Regeln zum Kommentieren im Blog (Erstkommentare und Verlinktes landet in der Moderation, gebe ich alle paar Stunden frei, SEO-Posts/SPAM lösche ich rigoros). Kommentare abseits des Themas bitte unter Diskussion.

Du findest den Blog gut, hast aber Werbung geblockt? Du kannst diesen Blog auch durch eine Spende unterstützen.