Skip to main content
Tag

Oct Patch Tuesday updates

||||

October Patch Tuesday: Windows 10 Disappears Files

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Patch Tuesday: The Latest News

Microsoft has released 49 security patches today covering Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.

12 updates are listed as Critical, 35 are rated Important, one is rated as Moderate and one is rated Low severity.

Windows 10 Feature Updates Paused

The highly anticipated Windows 10 feature update (1809) was hotly awaited by Windows 10 users on October 2 only to find that Microsoft have just halted the release due to a very embarrassing bug. Upon install, 1809 deletes users personal files which cannot be easily restored.

Robert Brown, Director of Services for Verismic said, “We would encourage all of our clients to use our recommended test and deployment strategy for feature updates as they do for normal Windows updates. You have 18 months for each feature update, so there is absolutely no reason to rush into mass deployment without testing the impact on your users first.”

Adobe Fixes Critical Vulnerabilities

Adobe released their monthly patch list early this month, with almost a hundred updates coming out last week. Today a modest four additional updates have been released affecting Flash, Framemaker, Adobe Digital Editions & Adobe Technical Suite.

Vulnerability Requires your Attention

On paper CVE-2018-8453 only carries a severity of Important, however we have learned this is being actively exploited. The most likely exploitation of this type of vulnerability is thought by many experts to be by global malware making this a very serious vulnerability.

We would highly recommend this be a priority for your IT manager this month.

Enhance your approach to patch management with Syxsense. Start your free trial with a cloud-based IT management solution that’s easy to use and powerful.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

[vc_single_image image=”25192″ img_size=”full”]
CVE ID Description Severity Actively Exploited Highly Recommended
CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability Critical No Yes
CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability Critical No Yes
CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability Critical No Yes
CVE-2018-8494 MS XML Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability Critical No Yes
CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8453 Win32k Elevation of Privilege Vulnerability Important Yes Yes
CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability Important No Yes
CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability Important No Yes
CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability Important No Yes
CVE-2010-3190 MFC Insecure Library Loading Vulnerability Important No
CVE-2018-8265 Microsoft Exchange Server Elevation of Privilege Vulnerability Important No
CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability Important No
CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability Important No
CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability Important No
CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability Important No
CVE-2018-8411 NTFS Elevation of Privilege Vulnerability Important No
CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability Important No
CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability Important No
CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability Important No
CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability Important No
CVE-2018-8472 Windows GDI Information Disclosure Vulnerability Important No
CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability Important No
CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability Important No
CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important No
CVE-2018-8486 DirectX Information Disclosure Vulnerability Important No
CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important No
CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability Important No
CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability Important No
CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8501 Microsoft PowerPoint Security Feature Bypass Vulnerability Important No
CVE-2018-8502 Microsoft Excel Security Feature Bypass Vulnerability Important No
CVE-2018-8504 Microsoft Word Security Feature Bypass Vulnerability Important No
CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability Important No
CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability Important No
CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8527 SQL Server Management Studio Information Disclosure Important No
CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability Important No
CVE-2018-8532 SQL Server Management Studio Information Disclosure Important No
CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability Low No
CVE-2018-8533 SQL Server Management Studio Information Disclosure Moderate No
[vc_btn title=”Start Your Free Trial of Syxsense →” style=”gradient-custom” gradient_custom_color_1=”#f19b2c” gradient_custom_color_2=”#f19b2c” size=”lg” align=”center” button_block=”true” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||”]