Microsoft Security Update revisions April 2018

Windows UpdateMicrosoft has revised the descriptions of several security updates for Patchday April 2018. Here are the details of three major changes in the update description I received from Microsoft.


Advertising

CVE-2016-0143

CVE-2016-0143 has undergone a major revision increment:

Revision Information:

– CVE-2016-0143 | Win32k Elevation of Privilege Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Version: 2.0
– Reason for Revision: Revised the Affected Products table to
   include Windows 10 Version 1709 for 32-bit Systems and Windows
   10 Version 1709 for x64-based Systems because they are affected
   by CVE-2016-0143. Microsoft strongly recommends that customers
   install the updates to be fully protected from the vulnerability.
   Customers whose systems are configured to receive automatic
   updates do not need to take any further action.
– Originally posted: April 12, 2016
– Updated: April 10, 2018
– Aggregate CVE Severity Rating: Important

CVE-2018-8118

CVE-2018-8118 has been added to the March 2018 Security Updates:
        
Revision Information:
– CVE-2018-8118 | Internet Explorer Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Version: 1.0
– Reason for Revision: Information published. This CVE was added
   to the monthly security release post publication. This is an
   informational change only.
– Originally posted: April 10, 2018
– Updated: N/A
– Aggregate CVE Severity Rating: Important

Security Advisories Released or Updated on April 10

* Microsoft Security Advisory ADV180002


Advertising

– Title: Guidance to mitigate speculative execution side-channel
   vulnerabilities
– Link: ADV180002
– Reason for Revision:
   The following updates have been made: 1. Updated FAQ#10 to
   provide additional links for more information about updating
   an AMD-based device. 2. Added FAQ #15 to announce that security 
   update 4093112 for Windows 10 Version 1709 provides addtional
   mitigations for AMD processors for CVE-2017-5715, and to provide
   further information about these mitigations. 3. Added FAQ #16 to
   announce that AMD has started to release microcode updates around
   Spectre variant 2 (CVE 2017-5715 Branch Target Injection) for
   newer CPU platforms.
 
– Originally posted: January 3, 2018
– Updated: April 10, 2018
– Version: 16.0


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in Update and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *