![](\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\")
Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL Server Management Studio.<\/p>\n
<\/p>\n
********************************************************************
\nTitle: Microsoft Security Update Releases
\nIssued: October 17, 2018
\n********************************************************************<\/p>\n
Summary
\n=======<\/p>\n
The following CVEs have undergone a major revision increment:<\/p>\n
* CVE-2010-3190<\/p>\n
Revision Information:
\n=====================<\/p>\n
– CVE-2010-3190 | MFC Insecure Library Loading Vulnerability On this topic I had published today the article Exchange Server: Active Sync client has connect\/sync issues<\/a>. The following three CVEs have also been revised:<\/p>\n * CVE-2018-8527 Revision Information: – SQL Server Management Studio Information Disclosure Microsoft has published a revised security update notification as of October 17, 2018, which I would like to briefly describe below. It is about MFC in connection with the cumulative update 11 for Exchange Server 2016 (KB4134118) and the SQL … Continue reading
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: Microsoft is announcing the release of
\nCumulative Update 11 for Exchange Server 2016 (KB4134118). This
\nupdate fully resolves the issue identified in CVE-2010-3190 for
\nExchange Server 2016.
\n– Originally posted: October 9, 2018
\n– Updated: October 17, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 2.0<\/p>\n
\n* CVE-2018-8532
\n* CVE-2018-8533<\/p>\n
\n=====================<\/p>\n
\nVulnerability
\n– https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a>
\n– Reason for Revision: The following updates have been made:
\nThe following updates have been made: 1. In the Security Updates
\ntable, removed SQL Server Management Studio 18.0 (Preview 4)
\nbecause it is not affected by this vulnerability. 2. Removed the
\nlinks for SSMS 17.9 because this vulnerability is mitigated by
\nchanging settings. 3. Added an FAQ to explain how customers
\nrunning any version of SSMS can protect themselves from this
\nvulnerability. 4. Added a workaround to describe how customers
\ncan protect themselves from this vulnerability if they are unable
\nto clean-install SSMS 17.9.
\n– Originally posted: October 9, 2018
\n– Updated: October 17, 2018
\n– Aggregate CVE Severity Rating: Important
\n– Version: 2.0<\/p>\n","protected":false},"excerpt":{"rendered":"