{"id":205533,"date":"2018-06-14T01:00:43","date_gmt":"2018-06-13T23:00:43","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=205533"},"modified":"2022-08-22T10:20:20","modified_gmt":"2022-08-22T08:20:20","slug":"microsoft-security-update-releases-juni-2018","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2018\/06\/14\/microsoft-security-update-releases-juni-2018\/","title":{"rendered":"Microsoft Security Update Releases (Juni 2018)"},"content":{"rendered":"

Im Rahmen des Juni 2018-Patchdays (12.6.2018) hat Microsoft auch einige Sicherheitswarnungen aktualisiert bzw. neu herausgegeben. Hier eine unkommentierte \u00dcbersicht, was sich ge\u00e4ndert hat.<\/p>\n

<\/p>\n

\"\"********************************************************************
\nTitle: Microsoft Security Update Releases
\nIssued: June 12, 2018
\n********************************************************************<\/p>\n

Summary
\n=======<\/p>\n

The following CVEs have undergone a major revision increment:<\/p>\n

* CVE-2018-0976
\n* CVE-2018-1003
\n* CVE-2018-8136<\/p>\n

Revision Information:
\n=====================<\/p>\n

– CVE-2018-0976 | Windows Remote Desktop Protocol (RDP) Denial of
\nService Vulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: Microsoft is re-releasing security update
\n4093227 for all supported versions of Windows Server 2008 Service
\nPack 2 to address a signing issue experienced by some customers.
\nCustomers should reinstall this new update.
\n– Originally posted: April 10, 2018
\n– Updated: June 12, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 2.0<\/p>\n

– CVE-2018-1003 | Microsoft JET Database Engine Remote Code
\nExecution Vulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: Revised the Affected Products table to
\ninclude Windows 10 Version 1803 for 32-bit System, Windows 10
\nVersion 1803 for x64-based Systems, and Windows Server
\nversion 1803 (Server Core installation) because they are
\naffected by CVE-2018-1003. Microsoft recommends that
\ncustomers running Windows 10 Version 1803 install update
\n4284835 to be protected from this vulnerability.
\n– Originally posted: April 10, 2018
\n– Updated: June 12, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 2.0<\/p>\n

– CVE-2018-8136 | Windows Remote Code Execution Vulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: CVE revised to announce the availability
\nof security update 4130956 for Windows Server 2008. See
\nMicrosoft Knowledge Base Article 4130956 for more information.
\n– Originally posted: May 5, 2018
\n– Updated: June 12, 2018
\n– Aggregate CVE Severity Rating: Low
\n– Version: 2.0<\/p>\n

********************************************************************
\nTitle: Microsoft Security Advisory Notification
\nIssued: June 12, 2018
\n********************************************************************<\/p>\n

Security Advisories Released or Updated on June 12, 2018
\n===================================================================<\/p>\n

* Microsoft Security Advisory 4338110<\/p>\n

– Title: Microsoft guidance for CBC Symmetric Encryption Security
\nFeature Bypass
\n– https:\/\/docs.microsoft.com\/en-us\/security-updates\/securityadvisories\/2018\/4338110<\/a>
\n– Reason for Revision: Information published.
\n– Originally posted: June 12, 2018
\n– Version: 1.0<\/p>\n

* Microsoft Security Advisory 180002<\/p>\n

– Title: Guidance to mitigate speculative execution side-channel
\nvulnerabilities
\n– https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180002
\n– Reason for Revision: Updated FAQ #15 to announce that the
\nfollowing security updates provide addtional mitigations for AMD
\nprocessors for CVE-2017-5715: 1. Security update 4284874 for
\nWindows 10 Version 1703 – see KB4103723<\/a> for more information.
\n2. Security update 4284860 for Windows 10 – see KB4284860<\/a> for
\nmore information.
\n3. Security update 4284826\u00a0\u00a0\u00a0 (monthly rollup) or 4284867
\n(security only) for Windows 7, Windows Server 2008 R2, or
\nWindows Server 2008 R2 (Server Core\u00a0 installation) \u2013 see
\nKB4284826<\/a> or KB4284867<\/a> for more information.
\n– Originally posted: January 3, 2018
\n– Updated: June 12, 2018
\n– Version: 20.0<\/p>\n

* Microsoft Security Advisory 180012<\/p>\n

– Title: Microsoft Guidance for Speculative Store Bypass
\n– https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180012<\/a>
\n– Reason for Revision: Microsoft is announcing that the Windows
\nsecurity updates released on June 12, 2018 include support for
\nSpeculative Store Bypass Disable (SSBD) in Intel processors. This
\nsupport is available for all supported editions of Windows 10,
\nWindows Server 2016, Windows 7, and Windows Server 2008 R2. See
\nthe Affected Products table for the security updates. The
\nRecommended Actions section of this advisory has been updated
\nto include steps for applying updates to mitigate CVE-2018-3639 –
\nSpeculative Store Bypass (SSB), Variant 4. In addtion, revisions
\nhave been made to the FAQ section to address questions about
\nperformance implications of these updates and of SSBD.
\n– Originally posted: May 21, 2018
\n– Updated: June 12, 2018
\n– Version: 2.0<\/p>\n

********************************************************************
\nTitle: Microsoft Security Advisory Notification
\nIssued: June 13, 2018
\n********************************************************************<\/p>\n

Security Advisories Released or Updated on June 13, 2018
\n=====================================================
\n* Microsoft Security Advisory 180016<\/p>\n

– Title: Microsoft Guidance for Lazy FP State Restore
\n– https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180016<\/a>
\n– Reason for Revision: Information published.
\n– Originally posted: June 13, 2018
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n","protected":false},"excerpt":{"rendered":"

Im Rahmen des Juni 2018-Patchdays (12.6.2018) hat Microsoft auch einige Sicherheitswarnungen aktualisiert bzw. neu herausgegeben. Hier eine unkommentierte \u00dcbersicht, was sich ge\u00e4ndert hat.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[4328],"class_list":["post-205533","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/205533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=205533"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/205533\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=205533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=205533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=205533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}