Microsoft Security Updates for July, 2018

[Corrine]

The July security release consists of 53 CVEs, of which 18 are listed as Critical and 33 are rated Important, 1 is rated as Moderate and 1 is rated as Low in severity.

The release consists of security updates for the following software: Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office, Services and Web Apps, ChakraCore, Adobe Flash Player, .NET Framework, ASP.NET, Microsoft Research JavaScript Cryptography Library, Skype for Business and Microsoft Lync, Visual Studio, Microsoft Wireless Display Adapter V2 Software, PowerShell Editor Services, PowerShell Extension for Visual Studio Code, and Web Customizations for Active Directory Federation Services.

The updates address Remote Code Execution, Security Feature Bypass, Elevation of Privilege, Denial of Service, Tampering, Information Disclosure, and Spoofing with known issues for 4338825 and 4338818.

Recommended Reading:

Even though on vacation, Dustin Childs dedicated time to provide a closer look at some of the patches for this month in Zero Day Initiative — The July 2018 Security Update Review. Although he indicated "None of the bugs patched this month are listed as publicly known or under active attack at the time of release." his evaluation is definitely appreciated.

Release Notes
Windows 10 Update History

 

[Corrine]

Microsoft released new cumulative updates for the Windows 10 Version 1703 and Version 1803 to introduce a series of quality improvements. No new operating system features are being introduced in this update. A restart is needed to install the update.

Version 1803: July 16, 2018—KB4345421 (OS Build 17134.167)
Version 1703: July 16, 2018—KB4345420 (OS Build 16299.550)

 

[Corrine]

Cumulative updates have been released by Microsoft for Windows 10 April 2018 Update (version 1803), Windows 10 Fall Creators Update (version 1709), and Windows 10 Creators Update (version 1703).

Version 1803: July 24, 2018—KB4340917 (OS Build 17134.191)
Version 1709: July 24, 2018—KB4338817 (OS Build 16299.579)
Version 1703: July 24, 2018—KB4338827 (OS Build 15063.1235)

See the update appropriate for your version of Windows 10 for the Improvements and fixes as well as Known Issues.

 

[Corrine]

Windows 10, Anniversary Update version 1607 only: July 30, 2018 - KB4346877 (OS Build 14393.2396) was released to fix an issue that was introduced in the July 2018 .NET Framework update.

{Bold added}

Windows 10, version 1607, reached end of service on April 10, 2018. Devices that are running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version of Windows 10.

IMPORTANT Windows 10 Enterprise and Windows 10 Education editions will receive six months of additional servicing at no cost. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026 per the Lifecycle Policy page. Windows 10 Anniversary Update (version 1607)-based devices that are running the Intel “Clovertrail” chipset will continue to receive updates until January 2023 per the Microsoft Community blog.