1. Forum
  2. League10
  3. Microsoft Sec. Bulletin

  • Microsoft Security Update Summary for October 9, 2018

    From Lord Time@TIME/NET340 to All on Mon Oct 29 11:49:03 2018
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    ********************************************************************
    Microsoft Security Update Summary for October 9, 2018
    Issued: October 9, 2018 ********************************************************************

    This summary lists security updates released for October 9, 2018.

    Complete information for the October 2018 security update release can
    Be found at
    <https://portal.msrc.microsoft.com/en-us/security-guidance>.

    Please note the following information regarding the security updates:

    * Customers running Windows 7 or Windows Server 2008 R2 need to
    ensure they have Servicing Stack Update (SSU) 3177467 installed
    before installing the October 2018 security updates, to avoid a
    failure to install. See [Microsoft Knowledge Base Article 3177467](https://support.microsoft.com/en-us/help/3177467) for more
    information about this SSU.
    * Windows 10 updates are cumulative. The monthly security release
    includes all security fixes for vulnerabilities that affect Windows 10,
    in addition to non-security updates. The updates are available via
    the [Microsoft Update Catalog](http://catalog.update.microsoft.com/v7/site/Home.aspx).
    * Starting in March 2017, a delta package will be available on the
    Microsoft Update Catalog for Windows 10 version 1607 and newer. This
    delta package contains just the delta changes between the previous
    month and the current release.
    * Updates for Windows RT 8.1 and Microsoft Office RT software are
    only available via [Windows Update](http://go.microsoft.com/fwlink/?LinkId=21130).
    * For information on lifecycle and support dates for Windows 10
    operating systems, please see [Windows Lifecycle Facts Sheet](https://support.microsoft.com/en-us/help/13853/windows- lifecycle-fact-sheet).
    * In addition to security changes for the vulnerabilities, updates
    include defense-in-depth updates to help improve security-related
    features.

    Critical Security Updates
    ============================

    ChakraCore
    Internet Explorer 11
    Microsoft Edge
    Windows Server 2008 for 32-bit Systems Service Pack 2
    Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
    Windows Server 2008 for Itanium-Based Systems Service Pack 2
    Windows Server 2008 for x64-based Systems Service Pack 2
    Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
    Windows 7 for 32-bit Systems Service Pack 1
    Windows 7 for x64-based Systems Service Pack 1
    Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
    Windows Server 2008 R2 for x64-based Systems Service Pack 1
    Windows Server 2008 R2 for x64-based Systems Service Pack 1
    Server Core installation)
    Windows Server 2012
    Windows Server 2012 (Server Core installation)
    Windows 8.1 for 32-bit systems
    Windows 8.1 for x64-based systems
    Windows RT 8.1
    Windows Server 2012 R2
    Windows Server 2012 R2 (Server Core installation)
    Windows 10 for 32-bit Systems
    Windows 10 for x64-based Systems
    Windows 10 Version 1607 for 32-bit Systems
    Windows 10 Version 1607 for x64-based Systems
    Windows 10 Version 1703 for 32-bit Systems
    Windows 10 Version 1703 for x64-based Systems
    Windows 10 version 1709 for 32-bit Systems
    Windows 10 version 1709 for x64-based Systems
    Windows 10 Version 1803 for 32-bit Systems
    Windows 10 Version 1803 for x64-based Systems
    Windows 10 Version 1809 for 32-bit Systems
    Windows 10 Version 1809 for x64-based Systems
    Windows Server 2016
    Windows Server 2016 (Server Core installation)
    Windows Server, version 1709 (Server Core Installation)
    Windows Server, version 1803 (Server Core Installation)
    Windows Server 2019
    Windows Server 2019 (Server Core installation)


    Important Security Updates
    ============================

    Hub Device Client SDK for Azure IoT
    Azure IoT Edge
    Microsoft Office 2010 Service Pack 2 (32-bit editions)
    Microsoft Office 2010 Service Pack 2 (64-bit editions)
    Microsoft Office 2013 RT Service Pack 1
    Microsoft Office 2013 Service Pack 1 (32-bit editions)
    Microsoft Office 2013 Service Pack 1 (64-bit editions)
    Microsoft Office 2016 (32-bit edition)
    Microsoft Office 2016 (64-bit edition)
    Microsoft Office 2016 for Mac
    Microsoft Office 2019 for 32-bit editions
    Microsoft Office 2019 for 64-bit editions
    Office 365 ProPlus for 32-bit Systems
    Office 365 ProPlus for 64-bit Systems
    Microsoft Excel 2010 Service Pack 2 (32-bit editions)
    Microsoft Excel 2010 Service Pack 2 (64-bit editions)
    Microsoft Excel 2013 RT Service Pack 1
    Microsoft Excel 2013 Service Pack 1 (32-bit editions)
    Microsoft Excel 2013 Service Pack 1 (64-bit editions)
    Microsoft Excel 2016 (32-bit edition)
    Microsoft Excel 2016 (64-bit edition)
    Microsoft Excel Viewer 2007 Service Pack 3
    Microsoft Office Word Viewer
    Microsoft Office Compatibility Pack Service Pack 3
    Microsoft Office Web Apps 2010 Service Pack 2
    Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions)
    Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions)
    Microsoft PowerPoint 2013 RT Service Pack 1
    Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions)
    Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions)
    Microsoft PowerPoint 2016 (32-bit edition)
    Microsoft PowerPoint 2016 (64-bit edition)
    Microsoft PowerPoint Viewer 2007
    PowerPoint Viewer 2010 32-bit edition
    Microsoft SharePoint Server 2010 Service Pack 2
    Microsoft SharePoint Enterprise Server 2013 Service Pack 1
    Microsoft SharePoint Enterprise Server 2016
    Microsoft Word 2010 Service Pack 2 (32-bit editions)
    Microsoft Word 2010 Service Pack 2 (64-bit editions)
    Microsoft Word 2013 RT Service Pack 1
    Microsoft Word 2013 Service Pack 1 (32-bit editions)
    Microsoft Word 2013 Service Pack 1 (64-bit editions)
    Microsoft Word 2016 (32-bit edition)
    Microsoft Word 2016 (64-bit edition)
    Microsoft Exchange Server 2010 Service Pack 3
    Microsoft Exchange Server 2013
    Microsoft Exchange Server 2013 Cumulative Update 21
    Microsoft Exchange Server 2016
    Microsoft Exchange Server 2016 Cumulative Update 10
    SQL Server Management Studio 17.9
    SQL Server Management Studio 18.0 (Preview 4)


    Other Information
    =================

    Recognize and avoid fraudulent email to Microsoft customers: =============================================================
    If you receive an email message that claims to be distributing
    a Microsoft security update, it is a hoax that may contain
    malware or pointers to malicious websites. Microsoft does
    not distribute security updates via email.

    The Microsoft Security Response Center (MSRC) uses PGP to digitally
    sign all security notifications. However, PGP is not required for
    reading security notifications, reading security information, or
    installing security updates. You can obtain the MSRC public PGP key
    at
    <https://technet.microsoft.com/security/dn753714>.

    ********************************************************************
    THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
    PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
    DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
    THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    PURPOSE.
    IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
    LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
    INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
    DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
    ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
    FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
    LIMITATION MAY NOT APPLY. ********************************************************************

    Microsoft respects your privacy. Please read our online Privacy
    Statement at
    <http://go.microsoft.com/fwlink/?LinkId=81184>.

    If you would prefer not to receive future technical security
    notification alerts by email from Microsoft and its family of
    companies please visit the following website to unsubscribe: <https://profile.microsoft.com/RegSysProfileCenter/subscriptionwi zard.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

    These settings will not affect any newsletters you've requested or
    any mandatory service communications that are considered part of
    certain Microsoft services.

    For legal Information, see: <http://www.microsoft.com/info/legalinfo/default.mspx>.

    This newsletter was sent by:
    Microsoft Corporation
    1 Microsoft Way
    Redmond, Washington, USA
    98052












    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAlu88mEACgkQEEiO2re1 8uikXg/+NyF2nMYZVBTTJWPFjkw3A33HsZbt8ZysdhhUTTfVh0xhZ37bwARBqYFk J2tlgRe+Q3Sq86PNpsT1qCOc94NXi0hgklIi6e44iAjnRhNZGl5YqiPEKGikI7iQ lCpMIOusHTKS7D+kRa2q31gZ+7DlJrS65UhPdVgofRqKtxM0PI5MlI5EArWk63Oj glLeG3Qfs/jAgMg0XJb9ytqV/v7i5c04VjjK6LjmXRa6bzpI3y+PAZa8TURAxuK9 pxOtaI+gTcX3dMb7tj1MJQeI1nK6ByNJkOOjAt8vml/BjHDrk76U4SLDKug9gn+o zr0NRuiJmb1sgRnmlHi0Lr569HHxX1/6a2digSDTBT8tUW8NcaOjZzFSWyaRD1tp 9nHTcxRpPJtWeMIcCmPyyfXqZU4X78mCjPvI4bbGAnEXEy8SRBdiRVm+pYmaxGCh srhVm+hVVhXwBtifjcl57g/dtzkPnif/lpBdkGzEFtT4VZP3YTZD+uws7E87TdI2 /7j47+eSZmj6zOhRI07fb2UNfCIuqCNY5PNZ9j24A0HLYUxcOxU4WJTSihIAJvTR O8MBiihkjzJqhZkEC6sSkhOvommcAoqemHTkdumMQ/rCac+UQFDsIbDo8Wj7npC6 pfjmkaKdOqDpIomRYywMXwts8g5H9+MORkEYRpbjYLjawZYajpU=
    =t7p7
    -----END PGP SIGNATURE-----


    If you would prefer not to receive future technical security
    notification alerts by email from Microsoft and its family of
    companies please visit the following website to unsubscribe: %%UnsubscribeLink%%

    ---
    ■ Synchronet ■ Net 340