{"id":4974,"date":"2018-02-14T00:17:58","date_gmt":"2018-02-13T23:17:58","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=4974"},"modified":"2024-10-05T19:01:23","modified_gmt":"2024-10-05T17:01:23","slug":"microsoft-patchday-summary-february-13-2018","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/02\/14\/microsoft-patchday-summary-february-13-2018\/","title":{"rendered":"Microsoft Patchday Summary (February 13, 2018)"},"content":{"rendered":"

\"Windows[German<\/a>]Microsoft released a series of security updates for Windows and other products on February 13, 2018. Here is a brief overview of critical and non-critical security updates, a list of all 50 CVEs and details to an updated Microsoft Security Advisory Notification.<\/p>\n

<\/p>\n

\"\"Details of these security updates can be found in the Microsoft Security TechCenter<\/a>. I will also document the updates in separate blog posts.<\/p>\n

Critical Security Updates<\/h2>\n

ChakraCore
\nMicrosoft Edge
\nInternet Explorer 9
\nInternet Explorer 11
\nWindows 7 for 32-bit Systems Service Pack 1
\nWindows 7 for x64-based Systems Service Pack 1
\nWindows Server 2008 for 32-bit Systems Service Pack 2
\nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
\ninstallation)
\nWindows Server 2008 for Itanium-Based Systems Service Pack 2
\nWindows Server 2008 for x64-based Systems Service Pack 2
\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core
\ninstallation)
\nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1
\nWindows Server 2008 R2 for x64-based Systems Service Pack 1
\nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
\ninstallation)
\nWindows 8.1 for 32-bit systems
\nWindows 8.1 for x64-based systems
\nWindows RT 8.1
\nWindows Server 2012
\nWindows Server 2012 (Server Core installation)
\nWindows Server 2012 R2
\nWindows Server 2012 R2 (Server Core installation)
\nWindows 10 for 32-bit Systems
\nWindows 10 for x64-based Systems
\nWindows 10 Version 1511 for 32-bit Systems
\nWindows 10 Version 1511 for x64-based Systems
\nWindows 10 Version 1607 for 32-bit Systems
\nWindows 10 Version 1607 for x64-based Systems
\nWindows 10 Version 1703 for 32-bit Systems
\nWindows 10 Version 1703 for x64-based Systems
\nWindows 10 Version 1709 for 32-bit Systems
\nWindows 10 Version 1709 for x64-based Systems
\nWindows Server 2016
\nWindows Server 2016 (Server Core installation)
\nWindows Server, version 1709 (Server Core Installation)
\nMicrosoft Outlook 2007 Service Pack 3
\nMicrosoft Outlook 2010 Service Pack 2 (32-bit editions)
\nMicrosoft Outlook 2010 Service Pack 2 (64-bit editions)
\nMicrosoft Outlook 2013 RT Service Pack 1
\nMicrosoft Outlook 2013 Service Pack 1 (32-bit editions)
\nMicrosoft Outlook 2013 Service Pack 1 (64-bit editions)
\nMicrosoft Outlook 2016 (32-bit edition)
\nMicrosoft Outlook 2016 (64-bit edition)
\nMicrosoft Office 2016 Click-to-Run (C2R) for 32-bit editions
\nMicrosoft Office 2016 Click-to-Run (C2R) for 64-bit editions<\/p>\n

Important Security Updates<\/h2>\n

Microsoft Office Word Viewer
\nMicrosoft Project Server 2013 Service Pack 1
\nMicrosoft SharePoint Enterprise Server 2016<\/p>\n

Moderate Security Updates<\/h2>\n

Internet Explorer 10<\/p>\n

Overview: Closed CVEs<\/h2>\n

Here is the list of all 50 vulnerabilities that have been closed (see also<\/a>). Details will follow in separate articles.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
Side-Channel<\/td>\nADV180002<\/a><\/td>\nGuidance to mitigate speculative execution side-channel vulnerabilities<\/td>\n<\/tr>\n
Adobe Flash Player<\/td>\nADV180004<\/td>\nFebruary 2018 Adobe Flash Security Update<\/td>\n<\/tr>\n
Common Log File System Driver<\/td>\nCVE-2018-0844<\/td>\nWindows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Common Log File System Driver<\/td>\nCVE-2018-0846<\/a><\/td>\nWindows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2018-0827<\/a><\/td>\nWindows Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Graphic Fonts<\/td>\nCVE-2018-0855<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Graphic Fonts<\/td>\nCVE-2018-0755<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Graphic Fonts<\/td>\nCVE-2018-0760<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Graphic Fonts<\/td>\nCVE-2018-0761<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2018-0866<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Browsers<\/td>\nCVE-2018-0840<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-0839<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-0771<\/a><\/td>\nMicrosoft Edge Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-0763<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0869<\/a><\/td>\nMicrosoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0864<\/a><\/td>\nMicrosoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0852<\/a><\/td>\nMicrosoft Outlook Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0851<\/a><\/td>\nMicrosoft Office Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0850<\/a><\/td>\nMicrosoft Outlook Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0853<\/a><\/td>\nMicrosoft Office Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-0841<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0859<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0860<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0861<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0858<\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0836<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0835<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0837<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0838<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0856<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0857<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-0834<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0822<\/a><\/td>\nWindows NTFS Global Reparse Point Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0823<\/td>\nNamed Pipe File System Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0825<\/a><\/td>\nStructuredQuery Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0828<\/a><\/td>\nWindows Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0826<\/a><\/td>\nWindows Storage Services Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0821<\/a><\/td>\nWindows AppContainer Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0847<\/a><\/td>\nWindows Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-0820<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0831<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0832<\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0830<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0829<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0757<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0742<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0756<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0809<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0810<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0843<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-0842<\/a><\/td>\nWindows Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows SMB Server<\/td>\nCVE-2018-0833<\/a><\/td>\nWindows Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

MS Security Advisory Notification (February 13, 2018)<\/h2>\n

Microsoft Security Advisory ADV180002 Updated on February 13<\/p>\n

– Title: Guidance to mitigate speculative execution side-channel
\nvulnerabilities
\n– https:https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/<\/a>
\nadvisory\/ADV180002
\n– Reason for Revision: Microsoft has released security updates to
\nprovide additional protections for the 32-bit (x86) versions of
\nWindows 10 as follows: 4074596 for Windows 10, 4074591 for Windows
\n10 Version 1511, 4074590 for Windows 10 Version 1607, and 4074592
\nfor Windows 10 Version 1703. Microsoft recommends that customers
\nrunning 32-bit systems install the applicable update as soon as
\npossible. Microsoft continues to work to provide 32-bit (x86)
\nprotections for other supported Windows versions but does not
\nhave a release schedule at this time. These update will be
\nincluded in subsequent updates, and do not apply to x64
\n(64-bit) systems. Added a section under Advisory Details to
\nannounce that Microsoft has released mitigations for Windows
\nHolographic to Microsoft HoloLens customers that are provided
\nautomatically as part of the February 2018 Windows Security
\nUpdate to Windows 10 Version 1607 for HoloLens. HoloLens
\ncustomers do not need to take any additional action to update
\ntheir device firmware. Added FAQ#12 and FAQ#13 to provide
\nfurther information for installing the February 2018
\nsecurity updates.<\/p>\n

Similar articles:
\n<\/strong>Adobe Flash Player: New Update 28.0.0.161
\nUpdate KB4074595 (Flash Player) for Windows<\/a>
\nMicrosoft Office Patchday (February 6, 2018)<\/a>
\nMicrosoft Patchday Summary (February 13, 2018)<\/a>
\nPatchday: Updates for Windows 7\/8.1 (February 13, 2018)<\/a>
\nPatchday: Windows 10 updates (February 13, 2018)
\nPatchday: Other Microsoft Updates (February 13, 2018)<\/a><\/p>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

[German]Microsoft released a series of security updates for Windows and other products on February 13, 2018. Here is a brief overview of critical and non-critical security updates, a list of all 50 CVEs and details to an updated Microsoft Security … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[872,11,580,22,2],"tags":[125,69,195,194],"class_list":["post-4974","post","type-post","status-publish","format-standard","hentry","category-browser","category-office","category-security","category-update","category-windows","tag-office","tag-security","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=4974"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4974\/revisions"}],"predecessor-version":[{"id":35597,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4974\/revisions\/35597"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=4974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=4974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=4974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}