[German]Microsoft has released a couple of updates for Internet Explorer, Windows Server, etc. for April Patchday (April 10, 2018). Below I added some details to selected patches, which are not included in the other articles linked at the end of the article.
Microsoft has closed more than 60 vulnerabilities in Windows, Office and other Microsoft products by April 2018 patchday. 25 of these vulnerabilities are classified as critical. This applies, for example, to various security issues in the Chakra script engine used in the Edge browser. With this vulnerabilities, visiting a prepared website is enough to compromise the system. The whole thing is described in CVE-2018-0994.
Further vulnerabilities CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015 and CVE-2018-1016 in the Windows graphics component allow to overtake the system by manipulated fonts and VBscript. A visit to a prepared website is enough to take over the computer. The Hacker News has published a separate article on the topic.
A remote code execution vulnerability in Microsoft Office allows attackers to execute code with the rights of the user account concerned. For administrator accounts, UAC bypassing could be used to compromise the system. The CVE-2018-0950 vulnerability in Microsoft Outlook allows attackers to access sensitive information from an SMB server. The Hacker News has published a dedicated article on the subject here.
At Talos you will find an overview of the critical security gaps. The complete overview of all updates from Microsoft can be found on this website. Some of the updates mentioned there are described in separate blog posts (see link list at the end of the article).
Removed antivirus check on Windows updates
I already mentioned it for Windows 7/8.1 (see link list below). With the April 2018 update, Microsoft generally removes the check for compatible virus scanners via the registry entry:
The following security updates have been released.
- Update KB4091756: Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009
- Update KB4092946: Cumulative security update for Internet Explorer 9 till 11 – for Windows 7 till Windows 10 and for all server pendants.
- Update KB4093110: Security update for Adobe Flash Player – for Windows 8.x till Windows 10 and for all server pendants.
- Update KB4093122: Security-only update for Windows Server 2012, closes vulnerabilities
- Update KB4093123: Monthly Rollup update Windows Server 2012, schließt closes vulnerabilities.
- Update KB4093224: Security update to close CVE-2018-8116 (Microsoft graphics component denial of service vulnerability) in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.
- Update KB4093227: Security update to close CVE-2018-0976 (Windows Remote Desktop Protocol (RDP) denial of service vulnerability) in Windows Server 2008.
- Update KB4093257: Security update to close CVE-2018-1003 und CVE-2018-1008 in Windows Server 2008, Windows Embedded POSReady 2009 und Windows Embedded Standard 2009.
- Update KB4093478: Security update to close several kernel vulnerabilities in Windows Server 2008.
- Update KB4101864: Security update for Windows Embedded POSReady 2009 and Windows Embedded Standard 2009.
Non security updates
With update KB890830 the Windows Malicious Software Removal Tool was updated to April 10, 2018. MSRT scans the system once for malware during the update installation.
Furthermore, some updates have been revised in their meta data, the binary content of the updates has not changed. These updates are listed here.
Adobe Flash Player Update to version 184.108.40.206
Microsoft Office Patchday (April 3, 2018)
Microsoft Patchday Summary April 10, 2018
Patchday: Windows 10 Updates April 10, 2018
Patchday: Updates for Windows 7/8.1/Server April 2018
Patchday Microsoft Office Updates (April 10, 2018)
Patchday: Other Microsoft Updates (April 10, 2018)
Windows 7/8.1 Preview Rollup Updates (04/17/2018)
Windows 10 Updates KB4093117 and KB4093120 (04/17/2018)