Microsoft Security Updates for September, 2018

[Corrine]

The September security release consists of 61 CVEs, of which 17 are listed as Critical 43 are rated Important, and 1 is rated as Moderate in severity. Four are listed as publicly known at the time of release and one of is reported as being actively exploited. See Dustin Childs excellent review and recommendations in Zero Day Initiative — The September 2018 Security Update Review where he provides additional information on the CVC reported as actively exploited and more.

The release consists of security updates for the following: Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, Adobe Flash Player, .NET Framework, Microsoft.Data.OData, and ASP.NET

The updates address Remote Code Execution, Elevation of Privilege, Security Feature Bypass, and Spoofing.

Release Notes

 

[Corrine]

Microsoft has released cumulative updates with non-security improvements and fixes for Windows 10 April 2018 Update (version 1803) and Windows 10 Fall Creators Update (version 1709). The update for both versions 1803 and 179 includes quality improvements with no new operating system features introduced.

• Version 1803: KB4458469
• Version 1709: KB4457136

The updates are available from Windows Update or the Microsoft Update Catalog.