{"id":6597,"date":"2018-08-16T02:46:45","date_gmt":"2018-08-16T00:46:45","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=6597"},"modified":"2022-01-24T17:38:44","modified_gmt":"2022-01-24T16:38:44","slug":"microsoft-security-advisory-notification-august-14-2018","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/08\/16\/microsoft-security-advisory-notification-august-14-2018\/","title":{"rendered":"Microsoft Security Advisory Notification (August 14, 2018)"},"content":{"rendered":"

On August 14, 2018, Microsoft published two more Security Advisory Notifications dealing with the newly discovered vulnerabilities (L1TF). Addendum:\u00a0\u00a0<\/strong>Security Advisory from\u00a0August 15, 2018 added.<\/p>\n


\n********************************************************************
\nSecurity Advisories Released or Updated on August 14, 2018
\n<\/strong>********************************************************************
\nMicrosoft Security Advisory ADV180018<\/p>\n

– Title: Microsoft guidance to mitigate L1TF variant
\n– ADV180018<\/a>
\n– Reason for Revision: Information published.
\n– Originally posted: August 14, 2018
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n

* Microsoft Security Advisory ADV180016<\/p>\n

– Title: Microsoft Guidance for Lazy FP State Restore
\n– ADV180016<\/a>
\n– Reason for Revision: Microsoft is announcing that the Windows
\nsecurity updates released on August 14, 2018 provide mitigations
\nfor CVE-2018-3665 – Lazy FP State Restore. These updates are
\navailable for 32-bit versions of Windows 7 and Windows Server
\n2008. See the Affected Products table to download and install
\nthe security updates.
\n– Originally posted: June 13, 2018
\n– Updated: August 14, 2018
\n– Version: 4.0<\/p>\n

********************************************************************
\nMicrosoft Security Update Releases August 15, 2018<\/strong>
\n<\/strong>********************************************************************<\/p>\n

Summary
\n=======<\/p>\n

The following CVEs have undergone a major revision increment:<\/p>\n

* CVE-2018-8202
\n* CVE-2018-8284<\/p>\n

Revision Information:
\n=====================<\/p>\n

– CVE-2018-8202 | .NET Framework Elevation of Privilege
\nVulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: Microsoft is releasing the August Monthly
\nRollup, Security Only, and Security Updates to fully resolve known
\nissues some customers experienced after installing the July security
\nupdates for .NET Framework. Customers who installed either the
\nStandalone updates or Alternate Cumulative update should also install
\nthe August updates. See the Affected Products table for links
\nto download and install the August updates.
\n– Originally posted: July 10, 2018
\n– Updated: August 15, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 5.0<\/p>\n

– CVE-2018-8284 | .NET Framework Remote Code Injection
\nVulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: Updated the Affected Products to include
\naffected versions of Microsoft SharePoint Server, Microsoft
\nSharePoint Foundation, Microsoft SharePoint Enterprise Server,
\nand Microsoft Project Server. Customers running any of the
\nSharePoint products listed in the Affected Products table and
\nwho are also running any affected versions of .NET Framework
\nneed to install the security updates for the versions of .NET
\nrunning on their system to be fully protected from this
\nvulnerability.
\n– Originally posted: July 10, 2018
\n– Updated: August 14, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 3.0<\/p>\n

********************************************************************
\nMicrosoft Security Advisory Notification August 15, 2018<\/strong>
\n<\/strong>********************************************************************<\/p>\n

Security Advisories Released or Updated on August 15, 2018
\n======================================================<\/p>\n

Users of an AMD system should read Microsoft Security Advisory ADV180002.<\/p>\n

* Microsoft Security Advisory ADV180002<\/p>\n

– Title: Guidance to mitigate speculative execution side-channel
\nvulnerabilities
\n– ADV180002<\/a>
\n– Reason for Revision: Updated FAQ #18 to announce that with the
\nWindows security updates released on Augus 18, 2918, Microsoft
\nis providing the solution for customers with AMD-based devices
\nwho experienced high CPU utilization after installing the June
\nor July security updates and updated microcode from AMD. Microsoft
\nrecommends that these customers install the August Windows
\nsecrurity updates and re-enable the Spectre Variant 2 mitigations
\nif they were previously disabled. This solution is available in
\nthe August Windows security updates for: Windows 10 version 1607.
\nWindows 10 version 1709. Windows 10 version 1803, Windows 7
\nService Pack 1, Windows Server 2016, Windows Server, version 1709
\n(Server Core Installation), Windows Server, version 1803 (Server
\nCore Installation), and Windows Server 2008 R2 Service Pack 1.
\nThe FAQ will be updated as further updates become available.
\n– Originally posted: January 3, 2018
\n– Updated: August 15, 2018
\n– Version: 24.0<\/p>\n

* Microsoft Security Advisory ADV180021<\/p>\n

– Title: Microsoft Office Defense in Depth Update
\n– ADV180021<\/a>
\n– Reason for Revision: Information published.
\n– Originally posted: August 15, 2018
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n","protected":false},"excerpt":{"rendered":"

On August 14, 2018, Microsoft published two more Security Advisory Notifications dealing with the newly discovered vulnerabilities (L1TF). Addendum:\u00a0\u00a0Security Advisory from\u00a0August 15, 2018 added.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[69],"class_list":["post-6597","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6597","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=6597"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6597\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=6597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=6597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=6597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}