Microsoft revised some security information (Microsoft Security Advisory Notification) on July 19, 2018. There were also revisions to the descriptions of the security updates. Here is an overview of what has changed.
Advertising
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 19, 2018
********************************************************************
Security Advisories Released or Updated on July 19, 2018
===================================================================
* Microsoft Security Advisory ADV180002
– Title: Guidance to mitigate speculative execution side-channel
vulnerabilities
– https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180002
– Reason for Revision: To address a known issue in the security
updates released on July 10, Microsoft is releasing Alternate
Cumulative update packages for Windows 10, and Standalone and
Preview Rollup packages for all other supported editions of
Windows. These packages are available via Microsoft Update
catalog, WSUS, or by manually searching Windows Update. Customers
who are experiencing issues after installing the July Windows
security updates should install the replacement packages as
applicable. Please refer to the Affected Products table for the
replacement package KB numbers. Customers who have successfully
installed the security updates and who are not experiencing any
issues do not need to take any action.
– Originally posted: January 3, 2018
– Updated: July 19, 2018
– Version: 22.0
* Microsoft Security Advisory ADV180016
– Title: Microsoft Guidance for Lazy FP State Restore
– https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180016
– Reason for Revision: To address a known issue in the security
updates released on July 10, Microsoft is releasing Alternate
Cumulative update packages for Windows 10, and Standalone and
Preview Rollup packages for all other supported editions of
Windows. These packages are available via Microsoft Update
catalog, WSUS, or by manually searching Windows Update. Customers
who are experiencing issues after installing the July Windows
security updates should install the replacement packages as
applicable. Please refer to the Affected Products table for the
replacement package KB numbers. Customers who have successfully
installed the security updates and who are not experiencing any
issues do not need to take any action.
– Originally posted: June 13, 2018
– Updated: July 19, 2018
– Version: 3.0
Advertising
********************************************************************
Title: Microsoft Security Update Releases
Issued: July 19, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2018-8202
* CVE-2018-8260
* CVE-2018-8284
* CVE-2018-8356
Revision Information:
=====================
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
updates released on July 10, Microsoft is releasing Cumulative
Update packages for all supported editions of Windows 10. These
packages are available via Microsoft Update catalog, WSUS, or by
manually searching Windows Update. Customers who are experiencing
issues after installing the July Windows security updates should
install the replacement packages as applicable. Note that the
Monthly Rollup and Security Only updates for .NET Framework are
not affected. Please refer to the Affected Products table for the
replacement package KB numbers. Customers who have successfully
installed the security updates and who are not experiencing any
issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 2.0
The following CVEs have undergone a major revision increment:
* CVE-2018-0949
* CVE-2018-8242
* CVE-2018-8287
* CVE-2018-8288
* CVE-2018-8291
* CVE-2018-8296
Revision Information:
=====================
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
updates released on July 10, Microsoft is releasing Cumulative
Update packages for Windows 10, and Standalone and Preview Rollup
packages for all other supported editions of Windows. These packages
are available via Microsoft Update catalog, WSUS, or by manually
searching Windows Update. Customers who are experiencing issues
after installing the July Windows security updates should install
the replacement packages as applicable. Note that the IE Cumulative
updates are not affected. Please refer to the Affected Products
table for the replacement package KB numbers. Customers who have
successfully installed the security updates and who are not
experiencing any issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 2.0
The following CVEs have undergone a major revision increment:
* CVE-2018-8125 * CVE-2018-8279 * CVE-2018-8301
* CVE-2018-8206 * CVE-2018-8280 * CVE-2018-8304
* CVE-2018-8222 * CVE-2018-8282 * CVE-2018-8307
* CVE-2018-8262 * CVE-2018-8286 * CVE-2018-8308
* CVE-2018-8274 * CVE-2018-8289 * CVE-2018-8309
* CVE-2018-8275 * CVE-2018-8290 * CVE-2018-8313
* CVE-2018-8276 * CVE-2018-8294 * CVE-2018-8314
* CVE-2018-8278 * CVE-2018-8297 * CVE-2018-8324
* CVE-2018-8325
Revision Information:
=====================
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue in the security
updates released on July 10, Microsoft is releasing Cumulative
Update packages for Windows 10, and Standalone and Preview Rollup
packages for all other supported editions of Windows. These
packages are available via Microsoft Update catalog, WSUS, or by
manually searching Windows Update. Customers who are experiencing
issues after installing the July Windows security updates should
install the replacement packages as applicable. Please refer to the
Affected Products table for the replacement package KB numbers.
Customers who have successfully installed the security updates and
who are not experiencing any issues do not need to take any action.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Critical
– Version: 2.0
The following CVE has undergone a major revision increment:
* CVE-2018-8356
Revision Information:
=====================
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Affected Products table to
include PowerShell Core 6.0 and PowerShell Core 6.1 because
these products are affected by CVE-2018-9356. See
https://github.com/PowerShell/Announcements/issues/6 for
more information.
– Originally posted: July 10, 2018
– Updated: July 19, 2018
– Aggregate CVE Severity Rating: Important
– Version: 3.0
