SlideShare a Scribd company logo

February 2018 Patch Tuesday Analysis

Download as PPTX, PDF
Ivanti
Ivanti

Are you feeling like you'd like to have poked your fingers into the center of the Meltdown and Spectre patches like a box of Valentine's chocolates? There were some unsavory surprises for sure. Fortunately, the kinks are largely worked out and February Patch Tuesday is more straightforward. If there is one word for this month in patching, it's not "love" or "romance" but "privilege." Patch the elevation-of-privilege vulnerabilities, and then take a closer look at your policy on privilege management. Make sure you're keeping attackers from storming the heart of your organization. 

1 of 35
Patch Tuesday Webinar Wednesday, February 14, 2018 Hosted by: Chris Goettl & Todd Schell Dial in: 1-877-668-4490 (US) Event ID: 806 175 024
Agenda February 2018 Patch Tuesday Overview In the News Bulletins Q & A 1 2 3 4
 Overview
 In the News
In the News -  Update on Meltdown and Spectre:  http://www.zdnet.com/article/microsoft-delivers-free-meltdown-spectre-assessment- tool-for-it-pros/  https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated- guidance-for-customers-and-partners/  https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation- against-spectre-variant-2  Ivanti Product Related Articles:  https://community.shavlik.com/docs/DOC-24510 (Shavlik)  https://community.ivanti.com/docs/DOC-66046 (LANDESK)  https://community.ivanti.com/docs/DOC-63022 (HEAT)  Other News  Flash Zero Day Resolved February 6th  https://krebsonsecurity.com/tag/flash-player-zero-day/
Known Issues Things to be aware of  Windows 10 Branch Support: End of Life for 2018  Branch 1607 scheduled for March 2018  Branch 1703 scheduled for September 2018  Windows 10 Version 1511 will continue to receive limited, critical updates  Supported Editions  Windows 10 Education  Windows 10 Enterprise  Unsupported Editions  Windows 10 Home  Windows 10 Pro  Everyone strongly urged to update to latest version of Windows 10
Known Issues Things to be aware of  Microsoft limits patch installation based on AV regkey  Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.  Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer: Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWAREMicrosoftWindowsCurrentVersionQualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD” Data="0x00000000”  Multiple KBs referenced in today’s webinar slides
Public Disclosures  CVE-2018-0771 - Microsoft Edge Security Feature Bypass Vulnerability  A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.  In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
Zero Day Vulnerability  CVE-2018-4878 - Adobe Flash Vulnerability (from National Vulnerability Database)  A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to the handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
 Bulletins
MS18-02-W10: Windows 10 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 10 1511, 1607,1703, 1709, Server 2016, IE 11 and Microsoft Edge  Description: This bulletin references 5 KB articles. See bulletins for list of changes.  Impact: Remote Code Execution, Security Feature Bypass, Elevation of Privilege, and Information Disclosure  Fixes 36 Vulnerabilities: CVE-2018-0771 is publicly disclosed but not known exploited. See Details column of Security Update Guide for complete list.  Restart Required: Requires restart  Known Issues: See next slide  NOTE: Education and Enterprise versions of Windows 10 version 1511 supported until April 2018.
February’s Known Issues for Windows 10  For All Windows 10 KBs  Due to an issue with some versions of anti-virus software, this fix is only being made applicable to the machines where the anti virus ISV has updated the ALLOW REGKEY.  KB 4074590 - Windows 10 Version 1607, Windows Server 2016  After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart.“ Recommended action is to disable Credential Guard until fix is available.  KB 4074588 – Windows 10 version 1709  Windows Update History reports that KB4054517 failed to install because of error 0x80070643. Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. Select Check for Updates to confirm that there are no additional updates available. Recommended action is to ignore message for now as it is installing properly.
MS18-02-OFF: Security Updates for Microsoft Office  Maximum Severity: Critical  Affected Products: Office 2007-2016, Outlook 2007-2016, Word Viewer, and Project Server 2013  Description: This security update resolves vulnerabilities in most Microsoft Office applications. This bulletin references 13 KB articles plus Click to Run.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 6 Vulnerabilities: CVE-2018-0841, CVE-2018-0850, CVE-2018-0851, CVE- 2018-0852, CVE-2018-0853, CVE-2018-0864  Restart Required: Requires application restart  Known Issues: None reported. You must have the latest service packs installed in order to install many of these security patches. Example, Office 2010 SP2, Excel 2013 SP1, etc.
MS18-02-IE: Security Updates for Internet Explorer  Maximum Severity: Critical  Affected Products: Microsoft Internet Explorer 9, 10 and 11  Description: These security updates resolve several reported vulnerabilities in Internet Explorer. The fixes that are included in the cumulative Security Update for Internet Explorer KB 4074736 are also included in the February 2018 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update. This bulletin references 9 KB articles.  Impact: Remote Code Execution  Fixes 2 vulnerabilities: CVE-2018-0840, CVE-2018-0866  Restart Required: Requires browser restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
MS18-02-MR7: Monthly Rollup for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7, Server 2008 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057400 (released January 19, 2018) This bulletin includes updates for IE. This bulletin is based on KB 4074598.  Impact: Remote Code Execution, Elevation of Privilege Information Disclosure  Fixes 15 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0755, CVE- 2018-0757, CVE-2018-0760, CVE-2018-0761, CVE-2018-0810, CVE-2018-0820, CVE- 2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0842, CVE-2018-0844, CVE- 2018-0846, CVE-2018-0847, CVE-2018-0855  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
MS18-02-SO7: Security-only Update for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7 and Server 2008 R2  Description: Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems. This bulletin is based on KB 4074587.  Impact: Remote Code Execution, Elevation of Privilege Information Disclosure  Fixes 15 Vulnerabilities: CVE-2018-0742, CVE-2018-0755, CVE-2018-0757, CVE- 2018-0760, CVE-2018-0761, CVE-2018-0810, CVE-2018-0820, CVE-2018-0825, CVE- 2018-0829, CVE-2018-0830, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE- 2018-0847, CVE-2018-0855  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
MS18-02-MR8: Monthly Rollup for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012 and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057402 (released January 17, 2018). This bulletin includes updates for IE. This bulletin is based on KB 4074593.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE- 2018-0760, CVE-2018-0810, CVE-2018-0820, CVE-2018-0825, CVE-2018-0829, CVE- 2018-0830, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
MS18-02-SO8: Security-only Update for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012  Description: Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems. This bulletin is based on KB 4074589.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0760, CVE- 2018-0810, CVE-2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE- 2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
MS18-02-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057401 (released January 17, 2018). This bulletin includes updates for IE. This bulletin is based on KB 4074594.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE- 2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0832, CVE- 2018-0833, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
MS18-02-SO81: Security-only Update for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: Security updates to Windows Kernel, Common Log File System driver, Windows storage and file systems, Microsoft Windows Search component, and the Windows SMB Server. This bulletin is based on KB 4074597.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0820, CVE- 2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0832, CVE-2018-0833, CVE- 2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
MS18-02-2K8: Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008  Description: This security update provides several fixes for vulnerabilities where the software fails to properly handle objects in memory. This bulletin references 7 KB articles.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 11 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0810, CVE- 2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0842, CVE- 2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
MS18-02-SPT: Security Updates for SharePoint  Maximum Severity: Important  Affected Products: Microsoft Enterprise SharePoint Server 2016  Description: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. This update contains many non-security fixes as well. This bulletin is based on KB 4011680.  Impact: Elevation of privilege  Fixes 2 Vulnerabilities: CVE-2018-0864, CVE-2018-0869  Restart Required: Requires Restart  Known Issues: None reported  NOTE: In previous bulletins the SharePoint updates were bundled with the Office updates. This has been separated out as many customers have separate desktop and server patch teams.
APSB18-02: Security Update for Adobe Acrobat and Reader  Maximum Severity: Critical  Affected Products: Adobe Acrobat and Reader (all current versions)  Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  Impact: Remote Code Execution, Elevation of Privilege  Fixes 41 Vulnerabilities: See APSB18-02 for complete list.  Restart Required: Requires application restart
Chrome-216: Security Update for Chrome  Maximum Severity: Critical  Affected Products: Google Chrome  Description: The stable channel has been updated to 64.0.3282.167 for Mac & Linux, and 64.0.3282.167/168 for Windows, which will roll out over the coming days/weeks.  Impact: Not reported  Fixes 1 Vulnerability: CVE-2018-6056  Restart Required: Requires restart
Non-Security Updates  Maximum Severity: Recommended  Affected Products: CCleaner and Bandicut  Description: Non-Security updates may include critical bug fixes and feature updates. Depending on what version you are updating from a Non-Security update could include security fixes from previous updates you have not yet applied. Ivanti recommends updating 3rd party applications as regularly as possible to ensure additional security threats are not exposed.
MS18-02-AFP: Security Update for Adobe Flash Player  Maximum Severity: Critical  Affected Products: Adobe Flash Player  Description: This security update resolves vulnerabilities in Adobe Flash Player that is installed on any supported edition of Windows Server Version 1709, Windows Server 2016, Windows 10 Version 1709 (Fall Creators Update), Windows 10 Version 1703 (Creators Update), Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 RTM, Windows Server 2012 R2, Windows 8.1, or Windows RT 8.1. This bulletin is based on KB 4074595.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2018-4877, CVE-2018-4878  Restart Required: Requires application restart  NOTE: This bulletin was released on February 6th.
APSB18-03: Security Update for Adobe Flash Player  Maximum Severity: Critical  Affected Products: Adobe Flash Player  Description: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2018-4877, CVE-2018-4878  Restart Required: Requires application restart  NOTE: This bulletin was released on February 6th.
Between Patch Tuesday’s New Product Support: Java Runtime Environment 9.0 Security Updates: 7-Zip (1), iTunes (1), CCleaner (1), Chrome (2), Firefox (3), Firefox ESR (1), FoxitPhantomPDF (1), iCloud (1), LibreOffice (2), Opera (3), Slack Machine-Wide Installer (2), Splunk Universal Forwarder (1), Thunderbird (1), Apache Tomcat (3), UltraVNC (1), VLC (1), VMware Player (3), VMware Workstation (3) Non-Security Updates: Beyond Compare (1), Citrix Reciever (2), Dropbox (2), Evernote (1), GOM Player (1), GoodSync (4), GoToMeeting (2), Google Backup and Sync (2), KeePass (1), LibreOffice (1), LogMeIn (1), Mozy Home (1), Mozy Pro (1), Nitro Pro (1), VirtualBox (1), PDFCreator (1), PDF-Xchange Pro (3), Plex Media Player (1), Prezi Classic Desktop (1), Skype (1), Snagit (1), TreeSize Free (2), TeamViewer (2), Wireshark (1), Cisco Webex Meeting Center (1), Webex Productivity Tools (3), Xmind (1) Security Tool: Ivanti (2)
Third Party CVE Information  Foxit PhantomPDF 8.3.5  Bulletin FIP-014, QFIP835  Fixes 1 Vulnerability: CVE-2017-14694  Thunderbird 52.6.0  Bulletin TB18-5260, QTB5260  Fixes 10 Vulnerabilities: CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018- 5103, CVE-2018-5104, CVE-2018-5117  Apache Tomcat 7.0.84  Bulletin TOMCAT-098, QTOMCAT7084  Fixes 1 Vulnerability: CVE-2017-15706
Third Party CVE Information (continued)  Apple iCloud 7.3.0  Bulletin ICLOUD-009, QICLOUD73020  Fixes 2 Vulnerabilities: CVE-2018-4088, CVE-2018-4096  iTunes 12.7.3.46  Bulletin AI18-001, QAI127346  Fixes 2 Vulnerabilities: CVE-2018-4088, CVE-2018-4096  Wireshark 2.4.4  Bulletin WIRES-074, QWIRES244  Fixes 4 Vulnerabilities: CVE-2017-5753, CVE-2018-5334, CVE-2018-5335, CVE- 2018-5336
Third Party CVE Information (continued)  VMware Workstation 12.5.9 Pro  Bulletin VMWW-011, QVMWW1259  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 12.5.9 Player  Bulletin VMWP-035, QVMWP1259  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 14.1.1 Pro  Bulletin VMWW-010, QVMWW1411  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 14.1.1 Player  Bulletin VMWW-034, QVMWW1411  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715
Third Party CVE Information (continued)  Java Runtime Environment 9.0.4  Bulletin JRE9-003, QJRE904  Fixes 20 Vulnerabilities: CVE-2018-2579, CVE-2018-2581, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018- 2618, CVE-2018-2627, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE- 2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678  Java 8 Update 161  Bulletin JAVA8-161, QJAVA8U161  Fixes 15 Vulnerabilities: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018- 2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE- 2018-2663, CVE-2018-2677, CVE-2018-2678
Thank You

Recommended

January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018
Ivanti
 
December 2017 Patch Tuesday
December 2017 Patch TuesdayDecember 2017 Patch Tuesday
December 2017 Patch Tuesday
Ivanti
 
July 2018 Patch Tuesday Analysis
July 2018 Patch Tuesday AnalysisJuly 2018 Patch Tuesday Analysis
July 2018 Patch Tuesday Analysis
Ivanti
 
Ivanti Patch Tuesday November 2017
Ivanti Patch Tuesday November 2017Ivanti Patch Tuesday November 2017
Ivanti Patch Tuesday November 2017
Ivanti
 
October 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday AnalysisOctober 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday Analysis
Ivanti
 
March 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday IvantiMarch 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday Ivanti
Ivanti
 
October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018
Ivanti
 
December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday Analysis
Ivanti
 

Recommended

January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018
Ivanti
 
December 2017 Patch Tuesday
December 2017 Patch TuesdayDecember 2017 Patch Tuesday
December 2017 Patch Tuesday
Ivanti
 
July 2018 Patch Tuesday Analysis
July 2018 Patch Tuesday AnalysisJuly 2018 Patch Tuesday Analysis
July 2018 Patch Tuesday Analysis
Ivanti
 
Ivanti Patch Tuesday November 2017
Ivanti Patch Tuesday November 2017Ivanti Patch Tuesday November 2017
Ivanti Patch Tuesday November 2017
Ivanti
 
October 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday AnalysisOctober 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday Analysis
Ivanti
 
March 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday IvantiMarch 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday Ivanti
Ivanti
 
October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018
Ivanti
 
December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday Analysis
Ivanti
 
August Patch Tuesday Analysis
August Patch Tuesday AnalysisAugust Patch Tuesday Analysis
August Patch Tuesday Analysis
Ivanti
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday Analysis
Ivanti
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020
Dan Lalli
 
February Patch Tuesday 2019
February Patch Tuesday 2019February Patch Tuesday 2019
February Patch Tuesday 2019
Ivanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019
Ivanti
 
September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018
Ivanti
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806
Ivanti
 
Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015
Ivanti
 
Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015
Ivanti
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018
Ivanti
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday Analysis
Ivanti
 
Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016
Ivanti
 
Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015
Ivanti
 
Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016
Ivanti
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch Tuesday
Ivanti
 
Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019
Ivanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021
Ivanti
 
Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016
Ivanti
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday Analysis
Ivanti
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020
Ivanti
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch Tuesday
Ivanti
 
April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018
Ivanti
 

More Related Content

What's hot

August Patch Tuesday Analysis
August Patch Tuesday AnalysisAugust Patch Tuesday Analysis
August Patch Tuesday Analysis
Ivanti
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday Analysis
Ivanti
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020
Dan Lalli
 
February Patch Tuesday 2019
February Patch Tuesday 2019February Patch Tuesday 2019
February Patch Tuesday 2019
Ivanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019
Ivanti
 
September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018
Ivanti
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806
Ivanti
 
Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015
Ivanti
 
Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015
Ivanti
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018
Ivanti
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday Analysis
Ivanti
 
Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016
Ivanti
 
Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015
Ivanti
 
Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016
Ivanti
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch Tuesday
Ivanti
 
Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019
Ivanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021
Ivanti
 
Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016
Ivanti
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday Analysis
Ivanti
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020
Ivanti
 

What's hot (20)

August Patch Tuesday Analysis
August Patch Tuesday AnalysisAugust Patch Tuesday Analysis
August Patch Tuesday Analysis
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday Analysis
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020
 
February Patch Tuesday 2019
February Patch Tuesday 2019February Patch Tuesday 2019
February Patch Tuesday 2019
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019
 
September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806
 
Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015Patch Tuesday Analysis - October 2015
Patch Tuesday Analysis - October 2015
 
Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday Analysis
 
Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016Patch Tuesday Analysis - January 2016
Patch Tuesday Analysis - January 2016
 
Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015Patch Tuesday Analysis - August 2015
Patch Tuesday Analysis - August 2015
 
Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016Patch Tuesday Analysis - February 2016
Patch Tuesday Analysis - February 2016
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch Tuesday
 
Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019Ivanti Patch Tuesday for November 2019
Ivanti Patch Tuesday for November 2019
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021
 
Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday Analysis
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020
 

Similar to February 2018 Patch Tuesday Analysis

Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch Tuesday
Ivanti
 
April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018
Ivanti
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020
Ivanti
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020
Ivanti
 
April 2019 Patch Tuesday
April 2019 Patch TuesdayApril 2019 Patch Tuesday
April 2019 Patch Tuesday
Ivanti
 
June Patch Tuesday 2019
June Patch Tuesday 2019June Patch Tuesday 2019
June Patch Tuesday 2019
Ivanti
 
Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019
Ivanti
 
Patch Tuesday Analysis - December 2015
Patch Tuesday Analysis - December 2015Patch Tuesday Analysis - December 2015
Patch Tuesday Analysis - December 2015
Ivanti
 
July 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiJuly 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - Ivanti
Ivanti
 
January 2022 patch tuesday
January 2022 patch tuesdayJanuary 2022 patch tuesday
January 2022 patch tuesday
Ivanti
 
2022 March Patch Tuesday
2022 March Patch Tuesday2022 March Patch Tuesday
2022 March Patch Tuesday
Ivanti
 
May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019
Ivanti
 
Patch Tuesday - August 2017 - Ivanti
Patch Tuesday - August 2017 - IvantiPatch Tuesday - August 2017 - Ivanti
Patch Tuesday - August 2017 - Ivanti
Erica Azad
 
Analyse Patch Tuesday - juin
Analyse Patch Tuesday - juinAnalyse Patch Tuesday - juin
Analyse Patch Tuesday - juin
Ivanti
 
March 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday AnalysisMarch 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday Analysis
Ivanti
 
June 2023 Patch Tuesday
June 2023 Patch TuesdayJune 2023 Patch Tuesday
June 2023 Patch Tuesday
Ivanti
 
Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020
Ivanti
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020
Ivanti
 

Similar to February 2018 Patch Tuesday Analysis (18)

Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch Tuesday
 
April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018April Patch Tuesday Analysis 2018
April Patch Tuesday Analysis 2018
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020
 
April 2019 Patch Tuesday
April 2019 Patch TuesdayApril 2019 Patch Tuesday
April 2019 Patch Tuesday
 
June Patch Tuesday 2019
June Patch Tuesday 2019June Patch Tuesday 2019
June Patch Tuesday 2019
 
Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019
 
Patch Tuesday Analysis - December 2015
Patch Tuesday Analysis - December 2015Patch Tuesday Analysis - December 2015
Patch Tuesday Analysis - December 2015
 
July 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiJuly 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - Ivanti
 
January 2022 patch tuesday
January 2022 patch tuesdayJanuary 2022 patch tuesday
January 2022 patch tuesday
 
2022 March Patch Tuesday
2022 March Patch Tuesday2022 March Patch Tuesday
2022 March Patch Tuesday
 
May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019
 
Patch Tuesday - August 2017 - Ivanti
Patch Tuesday - August 2017 - IvantiPatch Tuesday - August 2017 - Ivanti
Patch Tuesday - August 2017 - Ivanti
 
Analyse Patch Tuesday - juin
Analyse Patch Tuesday - juinAnalyse Patch Tuesday - juin
Analyse Patch Tuesday - juin
 
March 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday AnalysisMarch 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday Analysis
 
June 2023 Patch Tuesday
June 2023 Patch TuesdayJune 2023 Patch Tuesday
June 2023 Patch Tuesday
 
Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020
 

More from Ivanti

Français Patch Tuesday - Juin___________
Français Patch Tuesday - Juin___________Français Patch Tuesday - Juin___________
Français Patch Tuesday - Juin___________
Ivanti
 
Patch Tuesday de Junio
Patch Tuesday de JunioPatch Tuesday de Junio
Patch Tuesday de Junio
Ivanti
 
Patch Tuesday Italia Giugno
Patch Tuesday Italia GiugnoPatch Tuesday Italia Giugno
Patch Tuesday Italia Giugno
Ivanti
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Français Patch Tuesday - Mai
Français Patch Tuesday - MaiFrançais Patch Tuesday - Mai
Français Patch Tuesday - Mai
Ivanti
 
Patch Tuesday de Mayo
Patch Tuesday de MayoPatch Tuesday de Mayo
Patch Tuesday de Mayo
Ivanti
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
Ivanti
 
Patch Tuesday Italia Maggio
Patch Tuesday Italia MaggioPatch Tuesday Italia Maggio
Patch Tuesday Italia Maggio
Ivanti
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
Ivanti
 
Patch Tuesday de Abril
Patch Tuesday de AbrilPatch Tuesday de Abril
Patch Tuesday de Abril
Ivanti
 
Français Patch Tuesday - Avril
Français Patch Tuesday - AvrilFrançais Patch Tuesday - Avril
Français Patch Tuesday - Avril
Ivanti
 
Patch Tuesday Italia Aprile
Patch Tuesday Italia AprilePatch Tuesday Italia Aprile
Patch Tuesday Italia Aprile
Ivanti
 
Français Patch Tuesday - Mars
Français Patch Tuesday - MarsFrançais Patch Tuesday - Mars
Français Patch Tuesday - Mars
Ivanti
 
Patch Tuesday de Marzo
Patch Tuesday de MarzoPatch Tuesday de Marzo
Patch Tuesday de Marzo
Ivanti
 
Patch Tuesday Italia Marzo
Patch Tuesday Italia MarzoPatch Tuesday Italia Marzo
Patch Tuesday Italia Marzo
Ivanti
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
Ivanti
 
Patch Tuesday de Febrero
Patch Tuesday de FebreroPatch Tuesday de Febrero
Patch Tuesday de Febrero
Ivanti
 
2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février
Ivanti
 
Patch Tuesday Italia Febbraio
Patch Tuesday Italia FebbraioPatch Tuesday Italia Febbraio
Patch Tuesday Italia Febbraio
Ivanti
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch Tuesday
Ivanti
 

More from Ivanti (20)

Français Patch Tuesday - Juin___________
Français Patch Tuesday - Juin___________Français Patch Tuesday - Juin___________
Français Patch Tuesday - Juin___________
 
Patch Tuesday de Junio
Patch Tuesday de JunioPatch Tuesday de Junio
Patch Tuesday de Junio
 
Patch Tuesday Italia Giugno
Patch Tuesday Italia GiugnoPatch Tuesday Italia Giugno
Patch Tuesday Italia Giugno
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Français Patch Tuesday - Mai
Français Patch Tuesday - MaiFrançais Patch Tuesday - Mai
Français Patch Tuesday - Mai
 
Patch Tuesday de Mayo
Patch Tuesday de MayoPatch Tuesday de Mayo
Patch Tuesday de Mayo
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 
Patch Tuesday Italia Maggio
Patch Tuesday Italia MaggioPatch Tuesday Italia Maggio
Patch Tuesday Italia Maggio
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Patch Tuesday de Abril
Patch Tuesday de AbrilPatch Tuesday de Abril
Patch Tuesday de Abril
 
Français Patch Tuesday - Avril
Français Patch Tuesday - AvrilFrançais Patch Tuesday - Avril
Français Patch Tuesday - Avril
 
Patch Tuesday Italia Aprile
Patch Tuesday Italia AprilePatch Tuesday Italia Aprile
Patch Tuesday Italia Aprile
 
Français Patch Tuesday - Mars
Français Patch Tuesday - MarsFrançais Patch Tuesday - Mars
Français Patch Tuesday - Mars
 
Patch Tuesday de Marzo
Patch Tuesday de MarzoPatch Tuesday de Marzo
Patch Tuesday de Marzo
 
Patch Tuesday Italia Marzo
Patch Tuesday Italia MarzoPatch Tuesday Italia Marzo
Patch Tuesday Italia Marzo
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
 
Patch Tuesday de Febrero
Patch Tuesday de FebreroPatch Tuesday de Febrero
Patch Tuesday de Febrero
 
2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février
 
Patch Tuesday Italia Febbraio
Patch Tuesday Italia FebbraioPatch Tuesday Italia Febbraio
Patch Tuesday Italia Febbraio
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch Tuesday
 

Recently uploaded

zOS Mainframe JES2-JES3 JCL-JECL Differences
zOS Mainframe JES2-JES3 JCL-JECL DifferenceszOS Mainframe JES2-JES3 JCL-JECL Differences
zOS Mainframe JES2-JES3 JCL-JECL Differences
YousufSait3
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
Peter Muessig
 
一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理
dakas1
 
fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.
AnkitaPandya11
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
Patrick Weigel
 
Project Management: The Role of Project Dashboards.pdf
Project Management: The Role of Project Dashboards.pdfProject Management: The Role of Project Dashboards.pdf
Project Management: The Role of Project Dashboards.pdf
Karya Keeper
 
Modelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - AmsterdamModelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - Amsterdam
Alberto Brandolini
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Julian Hyde
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
Octavian Nadolu
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Rakesh Kumar R
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
Remote DBA Services
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
ICS
 
YAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring detailsYAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring details
NishanthaBulumulla1
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
Green Software Development
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Green Software Development
 
Liberarsi dai framework con i Web Component.pptx
Liberarsi dai framework con i Web Component.pptxLiberarsi dai framework con i Web Component.pptx
Liberarsi dai framework con i Web Component.pptx
Massimo Artizzu
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
gapen1
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
sjcobrien
 

Recently uploaded (20)

zOS Mainframe JES2-JES3 JCL-JECL Differences
zOS Mainframe JES2-JES3 JCL-JECL DifferenceszOS Mainframe JES2-JES3 JCL-JECL Differences
zOS Mainframe JES2-JES3 JCL-JECL Differences
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
 
一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理
 
fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
 
Project Management: The Role of Project Dashboards.pdf
Project Management: The Role of Project Dashboards.pdfProject Management: The Role of Project Dashboards.pdf
Project Management: The Role of Project Dashboards.pdf
 
Modelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - AmsterdamModelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - Amsterdam
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
 
YAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring detailsYAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring details
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
 
Liberarsi dai framework con i Web Component.pptx
Liberarsi dai framework con i Web Component.pptxLiberarsi dai framework con i Web Component.pptx
Liberarsi dai framework con i Web Component.pptx
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
 

February 2018 Patch Tuesday Analysis

  • 1. Patch Tuesday Webinar Wednesday, February 14, 2018 Hosted by: Chris Goettl & Todd Schell Dial in: 1-877-668-4490 (US) Event ID: 806 175 024
  • 2. Agenda February 2018 Patch Tuesday Overview In the News Bulletins Q & A 1 2 3 4
  • 4.
  • 5.  In the News
  • 6. In the News -  Update on Meltdown and Spectre:  http://www.zdnet.com/article/microsoft-delivers-free-meltdown-spectre-assessment- tool-for-it-pros/  https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated- guidance-for-customers-and-partners/  https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation- against-spectre-variant-2  Ivanti Product Related Articles:  https://community.shavlik.com/docs/DOC-24510 (Shavlik)  https://community.ivanti.com/docs/DOC-66046 (LANDESK)  https://community.ivanti.com/docs/DOC-63022 (HEAT)  Other News  Flash Zero Day Resolved February 6th  https://krebsonsecurity.com/tag/flash-player-zero-day/
  • 7. Known Issues Things to be aware of  Windows 10 Branch Support: End of Life for 2018  Branch 1607 scheduled for March 2018  Branch 1703 scheduled for September 2018  Windows 10 Version 1511 will continue to receive limited, critical updates  Supported Editions  Windows 10 Education  Windows 10 Enterprise  Unsupported Editions  Windows 10 Home  Windows 10 Pro  Everyone strongly urged to update to latest version of Windows 10
  • 8. Known Issues Things to be aware of  Microsoft limits patch installation based on AV regkey  Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.  Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer: Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWAREMicrosoftWindowsCurrentVersionQualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD” Data="0x00000000”  Multiple KBs referenced in today’s webinar slides
  • 9. Public Disclosures  CVE-2018-0771 - Microsoft Edge Security Feature Bypass Vulnerability  A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.  In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
  • 10. Zero Day Vulnerability  CVE-2018-4878 - Adobe Flash Vulnerability (from National Vulnerability Database)  A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to the handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
  • 12. MS18-02-W10: Windows 10 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 10 1511, 1607,1703, 1709, Server 2016, IE 11 and Microsoft Edge  Description: This bulletin references 5 KB articles. See bulletins for list of changes.  Impact: Remote Code Execution, Security Feature Bypass, Elevation of Privilege, and Information Disclosure  Fixes 36 Vulnerabilities: CVE-2018-0771 is publicly disclosed but not known exploited. See Details column of Security Update Guide for complete list.  Restart Required: Requires restart  Known Issues: See next slide  NOTE: Education and Enterprise versions of Windows 10 version 1511 supported until April 2018.
  • 13. February’s Known Issues for Windows 10  For All Windows 10 KBs  Due to an issue with some versions of anti-virus software, this fix is only being made applicable to the machines where the anti virus ISV has updated the ALLOW REGKEY.  KB 4074590 - Windows 10 Version 1607, Windows Server 2016  After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart.“ Recommended action is to disable Credential Guard until fix is available.  KB 4074588 – Windows 10 version 1709  Windows Update History reports that KB4054517 failed to install because of error 0x80070643. Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. Select Check for Updates to confirm that there are no additional updates available. Recommended action is to ignore message for now as it is installing properly.
  • 14. MS18-02-OFF: Security Updates for Microsoft Office  Maximum Severity: Critical  Affected Products: Office 2007-2016, Outlook 2007-2016, Word Viewer, and Project Server 2013  Description: This security update resolves vulnerabilities in most Microsoft Office applications. This bulletin references 13 KB articles plus Click to Run.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 6 Vulnerabilities: CVE-2018-0841, CVE-2018-0850, CVE-2018-0851, CVE- 2018-0852, CVE-2018-0853, CVE-2018-0864  Restart Required: Requires application restart  Known Issues: None reported. You must have the latest service packs installed in order to install many of these security patches. Example, Office 2010 SP2, Excel 2013 SP1, etc.
  • 15. MS18-02-IE: Security Updates for Internet Explorer  Maximum Severity: Critical  Affected Products: Microsoft Internet Explorer 9, 10 and 11  Description: These security updates resolve several reported vulnerabilities in Internet Explorer. The fixes that are included in the cumulative Security Update for Internet Explorer KB 4074736 are also included in the February 2018 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update. This bulletin references 9 KB articles.  Impact: Remote Code Execution  Fixes 2 vulnerabilities: CVE-2018-0840, CVE-2018-0866  Restart Required: Requires browser restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
  • 16. MS18-02-MR7: Monthly Rollup for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7, Server 2008 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057400 (released January 19, 2018) This bulletin includes updates for IE. This bulletin is based on KB 4074598.  Impact: Remote Code Execution, Elevation of Privilege Information Disclosure  Fixes 15 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0755, CVE- 2018-0757, CVE-2018-0760, CVE-2018-0761, CVE-2018-0810, CVE-2018-0820, CVE- 2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0842, CVE-2018-0844, CVE- 2018-0846, CVE-2018-0847, CVE-2018-0855  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
  • 17. MS18-02-SO7: Security-only Update for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7 and Server 2008 R2  Description: Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems. This bulletin is based on KB 4074587.  Impact: Remote Code Execution, Elevation of Privilege Information Disclosure  Fixes 15 Vulnerabilities: CVE-2018-0742, CVE-2018-0755, CVE-2018-0757, CVE- 2018-0760, CVE-2018-0761, CVE-2018-0810, CVE-2018-0820, CVE-2018-0825, CVE- 2018-0829, CVE-2018-0830, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE- 2018-0847, CVE-2018-0855  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
  • 18. MS18-02-MR8: Monthly Rollup for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012 and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057402 (released January 17, 2018). This bulletin includes updates for IE. This bulletin is based on KB 4074593.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE- 2018-0760, CVE-2018-0810, CVE-2018-0820, CVE-2018-0825, CVE-2018-0829, CVE- 2018-0830, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
  • 19. MS18-02-SO8: Security-only Update for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012  Description: Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems. This bulletin is based on KB 4074589.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0760, CVE- 2018-0810, CVE-2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE- 2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
  • 20. MS18-02-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4057401 (released January 17, 2018). This bulletin includes updates for IE. This bulletin is based on KB 4074594.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 (shown) + 2 (IE) Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE- 2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0832, CVE- 2018-0833, CVE-2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
  • 21. MS18-02-SO81: Security-only Update for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: Security updates to Windows Kernel, Common Log File System driver, Windows storage and file systems, Microsoft Windows Search component, and the Windows SMB Server. This bulletin is based on KB 4074597.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 12 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0820, CVE- 2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0832, CVE-2018-0833, CVE- 2018-0842, CVE-2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: These fixes can be installed only on systems that have the AV ALLOW REGKEY properly set.
  • 22. MS18-02-2K8: Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008  Description: This security update provides several fixes for vulnerabilities where the software fails to properly handle objects in memory. This bulletin references 7 KB articles.  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure  Fixes 11 Vulnerabilities: CVE-2018-0742, CVE-2018-0757, CVE-2018-0810, CVE- 2018-0820, CVE-2018-0825, CVE-2018-0829, CVE-2018-0830, CVE-2018-0842, CVE- 2018-0844, CVE-2018-0846, CVE-2018-0847  Restart Required: Requires restart  Known Issues: None reported
  • 23. MS18-02-SPT: Security Updates for SharePoint  Maximum Severity: Important  Affected Products: Microsoft Enterprise SharePoint Server 2016  Description: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. This update contains many non-security fixes as well. This bulletin is based on KB 4011680.  Impact: Elevation of privilege  Fixes 2 Vulnerabilities: CVE-2018-0864, CVE-2018-0869  Restart Required: Requires Restart  Known Issues: None reported  NOTE: In previous bulletins the SharePoint updates were bundled with the Office updates. This has been separated out as many customers have separate desktop and server patch teams.
  • 24. APSB18-02: Security Update for Adobe Acrobat and Reader  Maximum Severity: Critical  Affected Products: Adobe Acrobat and Reader (all current versions)  Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  Impact: Remote Code Execution, Elevation of Privilege  Fixes 41 Vulnerabilities: See APSB18-02 for complete list.  Restart Required: Requires application restart
  • 25. Chrome-216: Security Update for Chrome  Maximum Severity: Critical  Affected Products: Google Chrome  Description: The stable channel has been updated to 64.0.3282.167 for Mac & Linux, and 64.0.3282.167/168 for Windows, which will roll out over the coming days/weeks.  Impact: Not reported  Fixes 1 Vulnerability: CVE-2018-6056  Restart Required: Requires restart
  • 26. Non-Security Updates  Maximum Severity: Recommended  Affected Products: CCleaner and Bandicut  Description: Non-Security updates may include critical bug fixes and feature updates. Depending on what version you are updating from a Non-Security update could include security fixes from previous updates you have not yet applied. Ivanti recommends updating 3rd party applications as regularly as possible to ensure additional security threats are not exposed.
  • 27. MS18-02-AFP: Security Update for Adobe Flash Player  Maximum Severity: Critical  Affected Products: Adobe Flash Player  Description: This security update resolves vulnerabilities in Adobe Flash Player that is installed on any supported edition of Windows Server Version 1709, Windows Server 2016, Windows 10 Version 1709 (Fall Creators Update), Windows 10 Version 1703 (Creators Update), Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 RTM, Windows Server 2012 R2, Windows 8.1, or Windows RT 8.1. This bulletin is based on KB 4074595.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2018-4877, CVE-2018-4878  Restart Required: Requires application restart  NOTE: This bulletin was released on February 6th.
  • 28. APSB18-03: Security Update for Adobe Flash Player  Maximum Severity: Critical  Affected Products: Adobe Flash Player  Description: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2018-4877, CVE-2018-4878  Restart Required: Requires application restart  NOTE: This bulletin was released on February 6th.
  • 29. Between Patch Tuesday’s New Product Support: Java Runtime Environment 9.0 Security Updates: 7-Zip (1), iTunes (1), CCleaner (1), Chrome (2), Firefox (3), Firefox ESR (1), FoxitPhantomPDF (1), iCloud (1), LibreOffice (2), Opera (3), Slack Machine-Wide Installer (2), Splunk Universal Forwarder (1), Thunderbird (1), Apache Tomcat (3), UltraVNC (1), VLC (1), VMware Player (3), VMware Workstation (3) Non-Security Updates: Beyond Compare (1), Citrix Reciever (2), Dropbox (2), Evernote (1), GOM Player (1), GoodSync (4), GoToMeeting (2), Google Backup and Sync (2), KeePass (1), LibreOffice (1), LogMeIn (1), Mozy Home (1), Mozy Pro (1), Nitro Pro (1), VirtualBox (1), PDFCreator (1), PDF-Xchange Pro (3), Plex Media Player (1), Prezi Classic Desktop (1), Skype (1), Snagit (1), TreeSize Free (2), TeamViewer (2), Wireshark (1), Cisco Webex Meeting Center (1), Webex Productivity Tools (3), Xmind (1) Security Tool: Ivanti (2)
  • 30. Third Party CVE Information  Foxit PhantomPDF 8.3.5  Bulletin FIP-014, QFIP835  Fixes 1 Vulnerability: CVE-2017-14694  Thunderbird 52.6.0  Bulletin TB18-5260, QTB5260  Fixes 10 Vulnerabilities: CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018- 5103, CVE-2018-5104, CVE-2018-5117  Apache Tomcat 7.0.84  Bulletin TOMCAT-098, QTOMCAT7084  Fixes 1 Vulnerability: CVE-2017-15706
  • 31. Third Party CVE Information (continued)  Apple iCloud 7.3.0  Bulletin ICLOUD-009, QICLOUD73020  Fixes 2 Vulnerabilities: CVE-2018-4088, CVE-2018-4096  iTunes 12.7.3.46  Bulletin AI18-001, QAI127346  Fixes 2 Vulnerabilities: CVE-2018-4088, CVE-2018-4096  Wireshark 2.4.4  Bulletin WIRES-074, QWIRES244  Fixes 4 Vulnerabilities: CVE-2017-5753, CVE-2018-5334, CVE-2018-5335, CVE- 2018-5336
  • 32. Third Party CVE Information (continued)  VMware Workstation 12.5.9 Pro  Bulletin VMWW-011, QVMWW1259  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 12.5.9 Player  Bulletin VMWP-035, QVMWP1259  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 14.1.1 Pro  Bulletin VMWW-010, QVMWW1411  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715  VMware Workstation 14.1.1 Player  Bulletin VMWW-034, QVMWW1411  Fixes 3 Vulnerabilities: CVE-2017-4949, CVE-2017-4950, CVE-2017-5715
  • 33. Third Party CVE Information (continued)  Java Runtime Environment 9.0.4  Bulletin JRE9-003, QJRE904  Fixes 20 Vulnerabilities: CVE-2018-2579, CVE-2018-2581, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018- 2618, CVE-2018-2627, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE- 2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678  Java 8 Update 161  Bulletin JAVA8-161, QJAVA8U161  Fixes 15 Vulnerabilities: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018- 2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE- 2018-2663, CVE-2018-2677, CVE-2018-2678
  • 34.

Editor's Notes

  1. Keep in mind that since May 9, 2017, customers running Windows 10 version 1507 are no longer receiving security and quality updates, with the exception of the Windows 10 Enterprise 2015 LTSB and the Windows 10 IoT Enterprise 2015 LTSB editions. Microsoft has extended support for Enterprise and Education version of Windows 10 version 1511 until April 2018.