exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Microsoft Security Advisory Updates For November 13, 2018

Microsoft Security Advisory Updates For November 13, 2018
Posted Nov 14, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on November 13, 2018.

tags | advisory
SHA-256 | 2fb5736b3191a695873e77b11348a0e56e6c6a60ec1000bc3660d211e37a5eaa

Microsoft Security Advisory Updates For November 13, 2018

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: November 13, 2018
********************************************************************

Security Advisories Released or Updated on November 13, 2018
===================================================================

* Microsoft Security Advisory ADV990001

- Title: Latest Servicing Stack Updates
- https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV990001
- Reason for Revision: Information published
- Originally posted: November 13, 2018
- Updated: N/A
- Version: 1.0

* Microsoft Security Advisory ADV180002

- Title: Guidance to mitigate speculative execution
side-channel vulnerabilities
- https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180002
- Reason for Revision: The following updates have been made:
1. Added information to FAQ #9 for customers running Windows
Server 2019. 2. Updated FAQ #18 to announce that with the Windows
security updates released on November 13, 2018, Microsoft is
providing the solution for customers with AMD-based devices who
experienced high CPU utilization after installing the June or
July security updates and updated microcode from AMD. Microsoft
recommends that these customers install the November Windows
security updates and re-enable the Spectre Variant 2 mitigations
if they were previously disabled. This solution is available in
the November Windows security updates for: Windows Server 2008,
Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.
3. Added FAQ #20 to address the mitigations for ARM CPUs for
CVE 2017-5715, Branch Target Injection.
- Originally posted: January 3, 2018
- Updated: November 13, 2018
- Version: 26.0

* Microsoft Security Advisory ADV180012

- Title: Microsoft Guidance for Speculative Store Bypass
- https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180012
- Reason for Revision: The following updates have been made to
this advisory: 1. Microsoft is announcing that the security
updates released on November 13, 2018 for all supported versions
of Windows 10, and for Windows Server 2016; Windows Server,
version 1709; Windows Server, version 1803; and Windows Server
2019 provide protections against the Speculative Store Bypass
vulnerability (CVE-2018-3639) for AMD-based computers. These
protections are not enabled by default. For Windows client
(IT pro) guidance, follow the instructions in KB4073119.
2. Microsoft is announcing the availability of updates for
Surface Studio and Surface Book that address the Speculative
Store Bypass (SSB) (CVE-2018-3639) vulnerability. See the
Affected Products table for links to download and install the
updates. See Microsoft Knowledge Base article 4073065 for more
information. 3. In the Security Updates table, the Article and
Download links have been corrected for affected Surface devices.
4. Windows 10 version 1809 and Windows Server 2019 have been
added to the Security Updates table because they are affected by
the SSB vulnerability. 5. The Recommended Actions and FAQ
sections have been updated to include information for devices
using AMD processors.
- Originally posted: May 21, 2018
- Updated: November 13, 2018
- Version: 6.0

* Microsoft Security Advisory ADV180013

- Title: Microsoft Guidance for Rogue System Register Read
- https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180013
- Reason for Revision: The following updates have been made to this
advisory: 1. Microsoft is announcing the availability of updates
for Surface Book that address the Rogue System Registry Read
(CVE-2018-3640) vulnerability. See the Affected Products table
for links to download and install the updates. See Microsoft
Knowledge Base article 4073065 for more information.
2. In the Security Updates table, the Article and Download
links have been corrected.
- Originally posted: May 21, 2018
- Updated: November 13, 2018
- Version: 5.0

* Microsoft Security Advisory ADV180018

- Title: Microsoft guidance to mitigate L1TF variant
- https://portal.msrc.microsoft.com/en-us/security-guidance/
advisory/ADV180018
- Reason for Revision: The following updates have been made:
1. Updated the "Microsoft Windows client customers" section to
provide clarification about how the protections for
CVE-2018-5754 and CVE-2018-3620 are related. Customers that
have disabled the protection for CVE-2017-5754 must re-enable it
to gain protection for CVE-2018-3620 (See FAQ#2).
2. Updated the "Microsoft Window Server customers" section to
include information for customers running Windows Server 2019.
Added further clarification to address VBS, Hyper-V, and
Hyper-Threading configurations based on the version of Windows
Server. 3. In FAQ 3, added Windows 10 Version 1809 to the list
of Windows versions in which VBS is supported.
- Originally posted: August 14, 2018
- Updated: November 13, 2018
- Version: 5.0


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you've requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052












-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAlvrBr8ACgkQEEiO2re1
8ugZtA/+PRa/iO9ZP4cd2MGRPtAWrsILQ9B2FpCwiXwOdYJMLsMRP0L71ILaRuUy
lVnYe72jIlfUeTa/lv8RHEjVWKyGQLId60xkFseQ2u4qztXo0IoUusbe8gAojJ70
U5zZxsaOcYK2zj0/0U8fiqynPSyhkeR9uNQIisl66Yb5T0f+IHdOaC3+goFxFUsl
wqgESppva+8e8+d+K4krbWcdvM2jsONpKHhD6H64VZ+vPdONVs171DELy0wPVi6V
CHKNBNppvmfgDy21Sr397C1dUkO/fut+reTc+Acvp6XhrtJNXmzfT2jFwuHzJdcr
+AZsSvtDTtzZQxluc47ArKUdibs86GF2zYC9X1rxa1EnsSix+taDcCHxcoZeXtMC
oDukd+MC2iZ8l3e+eBx5Khutl/o33ibMZDLpJI2w8owWFEf5mqcsql+XQtSInik5
AMtrxZpuN87dBdfizIacAl+0SO+7ekyGGDim0Vvq4Efd2AivpgLM/GQtbYdXOFDD
6GfC7kAKDLtZrJM86GKxUWkXW4p9iT7BLo1L3RhNaAxEk+/QUiXaNWwJpQci0Sa7
FW+bCiusjYWCFOnI5FUBdQEuenxRLcv558O8VY5lT4XSeVM3P8MK9dk5Kp4dlh5N
+5fhIR8UOyyc4mDVWk1t2TxyMpT+qGUGKieakgURmlGV8RM5nQA=
=xQqi
-----END PGP SIGNATURE-----

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
https://account.microsoft.com/profile/unsubscribe?CTID=0&ECID=bym02KEHh4ibIdYxjQd7eCvsjzViiEJ%2FQ5RrsVhK3lQ%3D&K=c4a0e918-a1af-4aff-bf05-a3b89b77ed53&CMID=null&D=636776611399059753&PID=18000&TID=adfd46f4-992a-45ec-935c-4c9bc4baf506
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close