Author Topic: Microsoft Security Bulletin - February 2018  (Read 2703 times)

0 Members and 1 Guest are viewing this topic.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7178
  • Liverpool FC - YNWA
    • View Profile
Microsoft Security Bulletin - February 2018
« on: February 13, 2018, 04:39:44 PM »
Released: 13 February 2018


Critical Security Updates
============================

ChakraCore
Microsoft Edge
Internet Explorer 9
Internet Explorer 11
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation)
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server, version 1709 (Server Core Installation)
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions

Important Security Updates
============================

Microsoft Office Word Viewer
Microsoft Project Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016

Moderate Security Updates
============================

Internet Explorer 10
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #1 on: February 13, 2018, 06:00:27 PM »
The February security release consists of 50 CVEs, of which 14 are listed as Critical, 34 are rated Important, and 2 are rated Moderate in severity. The updates address Remote Code Execution, Elevation of Privilege, Information Disclosure and Security Feature Bypass.

See this month's Zero Day Initiative — The February 2018 Security Update Review by Dustin Childs in which he discusses several of the patches and includes a breakdown of the CVE's addressed in the update. 

For more information about the updates released today, see https://portal.msrc.microsoft.com/en-us/security-guidance/summary.  Updates can be sorted by OS from the search box. Information about the update for Windows 10 is available aWindows 10 Update History


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #2 on: February 14, 2018, 01:16:52 PM »
I usually go here
https://www.ghacks.net/2018/02/13/microsoft-security-updates-february-2018-release/
he breaks it down so this old brain can understand exactly what I need for Windows 7 and Office 2007, installed on an XP computer.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #3 on: February 14, 2018, 01:42:09 PM »
OT:  Coincidentally, at one time Martin Brinkmann was a "friend" of Al's but at the "end of FL", he suddenly didn't want any links to ghacks.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #4 on: February 14, 2018, 02:05:08 PM »
I have a problem with a MS link.

I go here: https://support.microsoft.com/en-za/help/4011703/descriptionofthesecurityupdateforwordviewerfebruary13-2018

to try and grab the Security update for Word Viewer. I always select the 3rd option for 2 reasons: windows update hasn't worked on XP for a long time so I can't depend on that to get me the Office 2007 updates I need and the catalog gives me a cab file. I haven't a clue as to what I'd need to do or even place it for it to work.

When I click the download link, I get sent here
https://www.microsoft.com/en-us/download/details.aspx?id=56573
this is a download for a different security update 4011715. I wondered why I had 4 copies of it.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #5 on: February 14, 2018, 02:36:47 PM »
Strange that you ended up at EN-ZA.  My search for KB4011703 took me to Description of the security update for Word Viewer: February 13, 2018.  From there, to the Update Catalog with the download:  http://www.catalog.update.microsoft.com/Search.aspx?q=KB4011703


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #6 on: February 14, 2018, 05:35:49 PM »
hmmm, I didn't notice the za. i edited it to us and I still get sent to the same plac. A download for KB4011715 and not what it is supposed to be KB7011703.

Yes, I can get to the catalog but when I click to download, I get this.
I don't know what to do with it. That's one reason i never use the catalog to download Office 2007 updates and instead use the Download Center. Unfortunately, the Download Center's search function didn't help. I got tons of downloads for Office 7 but I'd have to wade through pages to see if the one I want is hidden in those pages.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #7 on: February 14, 2018, 06:07:09 PM »
I downloaded the .cab and then I clicked on it. Apparently it simply opens up and shows me 10MB MSO.msp file which I hope I'll be able to click on and install.
I download the monthly patches to a computer that doesn't have Office on it so I'll have to wait to test it.

Even though it is listed under Office 2007 it says Office 2003 Word Viewer. Who knows, I might not need it.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #8 on: February 14, 2018, 06:40:28 PM »
After a lot of searching, I found a couple methods, one with DISM and the other with the built in package manager.  The identical instructions as shown in the following article appeared in multiple results:  How to Install .CAB File on Windows | Eddie Jackson.

Another option is to ask in the Staff Forum at Sysnative.  :)


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #9 on: February 15, 2018, 12:39:55 PM »
Thanks. I've been looking at DISM for a few days after an article I read at Woody's about removing a bad Windows update from a computer that won't boot.

This is for an XP computer and I don't know if DISM works on there. I rarely boot into XP and only to do updates so it will be quite a few weeks before I have a look.

Obviously, the patch isn't critical since I rarely fire up XP and I never use Office 2007. I put it on to test it for my husband. He didn't like it. I never installed the 2 additional licenses I had on his computers.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #10 on: February 15, 2018, 01:46:15 PM »
I was searching for Windows 7 solutions.  :)  You could try package manager:  How to Manually Install .CAB Cabinet File on Windows « My Digital Life


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1026
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #11 on: February 15, 2018, 10:05:55 PM »
I see Windows Package Manager for 7 and 10; I'm not sure this is doable in XP.

Offline MikeW

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 548
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #12 on: February 16, 2018, 10:09:02 AM »
I wonder why MS have resurrected this update on my win 7 machine again. -  kb3150513
Win 7 Home Premium  IE11 MSE  Mbam Pro

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19144
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Microsoft Security Bulletin - February 2018
« Reply #13 on: February 16, 2018, 12:42:41 PM »
KB3150513 shows it was last updated June 21, 2017, so it does seem rather strange that you are seeing it now.  Latest compatibility definition update for Windows


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Pierre75

  • Sr. Member
  • ****
  • Posts: 409
    • View Profile
Re: Microsoft Security Bulletin - February 2018
« Reply #14 on: February 17, 2018, 02:39:57 AM »
I wonder why MS have resurrected this update on my win 7 machine again. -  kb3150513

Think I found your answer. If you installed KB2592664 at any time you will receive notification for KB3150513. Check the link that Corrine posted and it shows it under Windows 7.
IF IT AIN'T BROKE -  DON'T FIX IT