{"id":220325,"date":"2019-07-09T23:49:01","date_gmt":"2019-07-09T21:49:01","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=220325"},"modified":"2022-08-22T10:17:15","modified_gmt":"2022-08-22T08:17:15","slug":"microsoft-security-update-summary-9-juli-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2019\/07\/09\/microsoft-security-update-summary-9-juli-2019\/","title":{"rendered":"Microsoft Security Update Summary (9. Juli 2019)"},"content":{"rendered":"

\"Windows[English<\/a>]Zum 9. Juli 2019 hat Microsoft zahlreiche Sicherheitsupdates f\u00fcr Windows-Clients und \u2013Server, f\u00fcr Office etc. freigegeben. Hier ein kompakter \u00dcberblick.<\/p>\n

<\/p>\n

\"\"Eine Liste der Updates findet sich auf dieser Microsoft-Seite<\/a>. Details zu den Update-Paketen f\u00fcr Windows, Office etc. gibt es in separaten Blog-Beitr\u00e4gen.<\/p>\n

Servicing Stack Updates<\/h2>\n

Microsoft ver\u00f6ffentlicht inzwischen eine \u00dcbersicht \u00fcber alle aktuellen Servicing Stack Updates (SSUs). Die Liste der SSUs findet sich unter ADV990001<\/a>.<\/p>\n

Anmerkungen zu Updates<\/h2>\n

Alle Windows 10 Updates sind kumulativ. Das monatliche Update zum Patchday enth\u00e4lt alle Sicherheitsfixes f\u00fcr Windows 10. Zudem sind alle nicht sicherheitsrelevanten Fixes bis zum Patchday enthalten.<\/p>\n

Ab M\u00e4rz 2017 ist f\u00fcr Windows 10 Version 1607 und neuer ein Delta-Paket im Microsoft Update Katalog verf\u00fcgbar. Dieses Delta-Paket enth\u00e4lt nur die Delta-\u00c4nderungen zwischen den vorherigen Monat und die aktuelle Version.<\/p>\n

Zus\u00e4tzlich zu den Sicherheitspatches f\u00fcr die Schwachstellen enthalten die Updates sogenannte 'defense-in-depth updates', um die Sicherheit zu verbessern.<\/p>\n

Die Updates lassen sich auch per Microsoft Update Catalog<\/a> herunterladen. Die Updates f\u00fcr Windows RT 8.1 und Microsoft Office RT sind nur \u00fcber Windows Update erh\u00e4ltlich. Informationen zum Support-Zeitraum f\u00fcr Windows 10 finden sich im Windows Lifecycle Facts Sheet<\/a>.<\/p>\n

Von den nachfolgenden Schwachstellen wurde 6 als wichtig eingestuft, keine wurde bisher in der Praxis ausgenutzt. Allerdings wurden zwei neue Sicherheitsl\u00fccken, von denen eine alle unterst\u00fctzten Versionen des Windows-Betriebssystems betrifft und die andere Windows 7 und Server 2008, als aktiv genutzt gemeldet. Beide aktiv ausgenutzten Schwachstellen f\u00fchren zu einer Erh\u00f6hung der Berechtigung (Privileg Escalation), von denen eine (CVE-2019-1132) in der Win32k-Komponente liegt und einem Angreifer erlauben k\u00f6nnte, beliebigen Code im Kernelmodus auszuf\u00fchren.<\/p>\n

Die andere aktiv ausgenutzte Schwachstelle (CVE-2019-0880) liegt jedoch in der Art und Weise, wie splwow64<\/em> (Thunking Spooler APIs) bestimmte Aufrufe behandelt, so dass ein Angreifer oder ein b\u00f6sartiges Programm seine Privilegien auf einem betroffenen System von einer niedrigen Integrit\u00e4t auf eine mittlere Integrit\u00e4t erh\u00f6hen kann.<\/p>\n

Die \u00f6ffentlich bekannten Fehler betreffen die Docker-Laufzeit, die SymCrypt Windows-Kryptobibliothek, Remote Desktop Services, Azure Automation, Microsoft SQL Server und Windows AppX Deployment Service (AppXSVC).<\/p>\n

Microsoft hat auch Updates f\u00fcr 14 kritische Schwachstellen ver\u00f6ffentlicht, und wie erwartet f\u00fchren alle zu Angriffen auf die Ausf\u00fchrung von Remote-Code und betreffen Microsoft-Produkte, die von Internet Explorer und Edge bis hin zu Windows Server DHCP, Azure DevOps und Team Foundation Servern reichen.<\/p>\n

Critical Security Updates<\/h2>\n

Internet Explorer 11
\nChakraCore
\nMicrosoft Edge
\nWindows Server 2008 for 32-bit Systems Service Pack 2
\nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
\ninstallation)
\nWindows Server 2008 for Itanium-Based Systems Service Pack 2
\nWindows Server 2008 for x64-based Systems Service Pack 2
\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core
\ninstallation)
\nWindows 7 for 32-bit Systems Service Pack 1
\nWindows 7 for x64-based Systems Service Pack 1
\nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1
\nWindows Server 2008 R2 for x64-based Systems Service Pack 1
\nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server
\nCore installation)
\nWindows Server 2012
\nWindows Server 2012 (Server Core installation)
\nWindows 8.1 for 32-bit systems
\nWindows 8.1 for x64-based systems
\nWindows RT 8.1
\nWindows Server 2012 R2
\nWindows Server 2012 R2 (Server Core installation)
\nWindows 10 for 32-bit Systems
\nWindows 10 for x64-based Systems
\nWindows 10 Version 1607 for 32-bit Systems
\nWindows 10 Version 1607 for x64-based Systems
\nWindows 10 Version 1703 for 32-bit Systems
\nWindows 10 Version 1703 for x64-based Systems
\nWindows 10 version 1709 for 32-bit Systems
\nWindows 10 version 1709 for x64-based Systems
\nWindows 10 Version 1709 for ARM64-based Systems
\nWindows 10 Version 1803 for 32-bit Systems
\nWindows 10 Version 1803 for x64-based Systems
\nWindows 10 Version 1803 for ARM64-based Systems
\nWindows 10 Version 1809 for 32-bit Systems
\nWindows 10 Version 1809 for x64-based Systems
\nWindows 10 Version 1809 for ARM64-based Systems
\nWindows 10 Version 1903 for 32-bit Systems
\nWindows 10 Version 1903 for x64-based Systems
\nWindows 10 Version 1903 for ARM64-based Systems
\nWindows Server 2016
\nWindows Server 2016 (Server Core installation)
\nWindows Server, version 1803 (Server Core Installation)
\nWindows Server, version 1903 (Server Core Installation)
\nWindows Server 2019
\nWindows Server 2019 (Server Core installation)
\nMicrosoft Visual Studio 2010 Service Pack 1
\nMicrosoft Visual Studio 2012 Update 5
\nMicrosoft Visual Studio 2013 Update 5
\nMicrosoft Visual Studio 2015 Update 3
\nMicrosoft Visual Studio 2017
\nMicrosoft Visual Studio 2017 version 15.9
\nMicrosoft Visual Studio 2019 version 16.0
\nMicrosoft Visual Studio 2019 version 16.1
\nTeam Foundation Server 2010 SP1
\nTeam Foundation Server 2012 Update 4
\nTeam Foundation Server 2013 Update 5
\nTeam Foundation Server 2015 Update 4.2
\nTeam Foundation Server 2017 Update 3.1
\nTeam Foundation Server 2018 Update 1.2
\nTeam Foundation Server 2018 Update 3.2
\nASP.NET Core 2.1
\nASP.NET Core 2.2
\nMicrosoft .NET Framework 2.0 Service Pack 2
\nMicrosoft .NET Framework 3.0 Service Pack 2
\nMicrosoft .NET Framework 3.5
\nMicrosoft .NET Framework 3.5 AND 4.7.2
\nMicrosoft .NET Framework 3.5 AND 4.8
\nMicrosoft .NET Framework 3.5.1
\nMicrosoft .NET Framework 4.5.2
\nMicrosoft .NET Framework 4.6
\nMicrosoft .NET Framework 4.6\/4.6.1\/4.6.2
\nMicrosoft .NET Framework 4.6\/4.6.1\/4.6.2\/4.7\/4.7.1\/4.7.2
\nMicrosoft .NET Framework 4.8
\nAzure Automation
\nAzure DevOps Server 2019.0.1
\nMail and Calendar<\/p>\n

Important Security Updates<\/h2>\n

Microsoft Excel 2010 Service Pack 2 (32-bit editions)
\nMicrosoft Excel 2010 Service Pack 2 (64-bit editions)
\nMicrosoft Excel 2013 RT Service Pack 1
\nMicrosoft Excel 2013 Service Pack 1 (32-bit editions)
\nMicrosoft Excel 2013 Service Pack 1 (64-bit editions)
\nMicrosoft Excel 2016 (32-bit edition)
\nMicrosoft Excel 2016 (64-bit edition)
\nMicrosoft Office 2010 Service Pack 2 (32-bit editions)
\nMicrosoft Office 2010 Service Pack 2 (64-bit editions)
\nMicrosoft Office 2013 RT Service Pack 1
\nMicrosoft Office 2013 Service Pack 1 (32-bit editions)
\nMicrosoft Office 2013 Service Pack 1 (64-bit editions)
\nMicrosoft Office 2016 (32-bit edition)
\nMicrosoft Office 2016 (64-bit edition)
\nMicrosoft Office 2016 for Mac
\nMicrosoft Office 2019 for 32-bit editions
\nMicrosoft Office 2019 for 64-bit editions
\nMicrosoft Office 2019 for Mac
\nMicrosoft Outlook 2010 Service Pack 2 (32-bit editions)
\nMicrosoft Outlook 2010 Service Pack 2 (64-bit editions)
\nMicrosoft Outlook 2013 Service Pack 1 (32-bit editions)
\nMicrosoft Outlook 2013 Service Pack 1 (64-bit editions)
\nMicrosoft Outlook 2016 (32-bit edition)
\nMicrosoft Outlook 2016 (64-bit edition)
\nMicrosoft Outlook for Android
\nMicrosoft SharePoint Enterprise Server 2013 Service Pack 1
\nMicrosoft SharePoint Enterprise Server 2016
\nMicrosoft SharePoint Foundation 2010 Service Pack 2
\nMicrosoft SharePoint Foundation 2013 Service Pack 1
\nMicrosoft SharePoint Server 2019
\nOffice 365 ProPlus for 32-bit Systems
\nOffice 365 ProPlus for 64-bit Systems
\nOutlook for iOS
\nMail and Calendar
\nMicrosoft Lync 2013 Service Pack 1 (32-bit)
\nMicrosoft Lync 2013 Service Pack 1 (64-bit)
\nMicrosoft Lync Basic 2013 Service Pack 1 (32-bit)
\nMicrosoft Lync Basic 2013 Service Pack 1 (64-bit)
\nSkype for Business 2016 (32-bit)
\nSkype for Business 2016 (64-bit)
\nSkype for Business 2016 Basic (32-bit)
\nSkype for Business 2016 Basic (64-bit)
\nMicrosoft Exchange Server 2010 Service Pack 3
\nMicrosoft Exchange Server 2013 Cumulative Update 23
\nMicrosoft Exchange Server 2016 Cumulative Update 12
\nMicrosoft Exchange Server 2016 Cumulative Update 13
\nMicrosoft Exchange Server 2019 Cumulative Update 1
\nMicrosoft Exchange Server 2019 Cumulative Update 2
\nMicrosoft SQL Server 2014 Service Pack 2 for 32-bit Systems (CU+GDR)
\nMicrosoft SQL Server 2014 Service Pack 2 for 32-bit Systems (GDR)
\nMicrosoft SQL Server 2014 Service Pack 2 for x64-based Systems (CU+GDR)
\nMicrosoft SQL Server 2014 Service Pack 2 for x64-based Systems (GDR)
\nMicrosoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU+GDR)
\nMicrosoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)
\nMicrosoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU+GDR)
\nMicrosoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)
\nMicrosoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU+GDR)
\nMicrosoft SQL Server 2016 for x64-based Systems Service Pack 1 (GDR)
\nMicrosoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU+GDR)
\nMicrosoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)
\nMicrosoft SQL Server 2017 for x64-based Systems (CU+GDR)
\nMicrosoft SQL Server 2017 for x64-based Systems (GDR)
\nAzure IoT Edge
\nMicrosoft Azure Kubernetes Service
\nMicrosoft.IdentityModel 7.0.0<\/p>\n

Moderate Security Updates<\/h2>\n

Internet Explorer 9
\nInternet Explorer 10<\/p>\n

Defense-in-Depth Updates<\/h2>\n

Microsoft Exchange Server 2013
\nMicrosoft Exchange Server 2016
\nMicrosoft Exchange Server 2019<\/p>\n

\u00c4hnliche Artikel:<\/strong>
\nMicrosoft Office Patchday (2. Juli 2019)<\/a>
\nMicrosoft Security Update Summary (9. Juli 2019)<\/a>
\nPatchday: Updates f\u00fcr Windows 7\/8.1\/Server (9. Juli 2019)<\/a>
\nPatchday Windows 10-Updates (9. Juli 2019)<\/a>
\nPatchday Microsoft Office Updates (9. Juli 2019)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[English]Zum 9. Juli 2019 hat Microsoft zahlreiche Sicherheitsupdates f\u00fcr Windows-Clients und \u2013Server, f\u00fcr Office etc. freigegeben. Hier ein kompakter \u00dcberblick.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[270,426,185,301],"tags":[4322,4315,3288],"class_list":["post-220325","post","type-post","status-publish","format-standard","hentry","category-office","category-sicherheit","category-update","category-windows","tag-office","tag-update","tag-windows-en"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/220325","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=220325"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/220325\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=220325"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=220325"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=220325"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}