Tuesday, November 13, 2018

Microsoft Security Updates for November 2018



The November security updates have been released and consists of security updates for the following:  Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, .NET Core, Skype for Business, Azure App Service on Azure Stack, Team Foundation Server and Microsoft Dynamics 365 (on-premises) version 8.

The updates address Remote Code Execution, Defense in Depth, Information Disclosure, Tampering, Security Feature Bypass, Elevation of Privilege, Denial of Service and Spoofing.

Important Note:  Windows 10 Version 1809 has been re-released:
"While the April Update had the fastest Windows 10 update rollout velocity, we are taking a more measured approach with the October Update, slowing our rollout to more carefully study device health data. We will offer the October Update to users via Windows Update when data shows your device is ready and you will have a great experience. If we detect that your device may have an issue, such as an application incompatibility, we will not install the update until that issue is resolved, even if you “Check for updates,” so you avoid encountering any known problems. For those advanced users seeking to install the update early by manually using “Check for updates” in settings, know that we are slowly throttling up this availability, while we carefully monitor data and feedback."
More at the Windows Experience Blog at Resuming the rollout of the Windows 10 October 2018 Update.


Known Issues In the November Update:
        Recommended Reading: 

        Note:  Since Dustin Childs is in Tokyo for PawnToOwn, his  review and recommendations
        in  Zero Day Initiative will be delayed due to the time difference.  An update will be provided following his review.
          Update with Dustin Child's analysisZero Day Initiative — The November 2018 Security Update Review.
         
        More:  For more information about the updates released today, see https://portal.msrc.microsoft.com/en-us/security-guidance/summary.  Updates can be sorted by OS from the search box. Information about the update for Windows 10 is available at Windows 10 Update history.

        Additional Update Notes

        • Adobe Flash Player -- For Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1 and Windows 10, Adobe Flash Player is now a security bulletin rather than a security advisory and is included with the updates as identified above.
        • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.  Note:  Users who are paranoid about the remote possibility of a FP can opt to run this tool from a Command Prompt, appending a   /N   parameter [for "detect only" mode].

        References


        Remember - "A day without laughter is a day wasted."
        May the wind sing to you and the sun rise in your heart...





        No comments:

        Post a Comment

        Neither spam nor comments containing vulgarities will be approved.