쏭팩

********************************************************************

Title: Microsoft Security Update Releases

Issued: December 19, 2018

********************************************************************

CORRECTION: The original mailer contained an incorrect CVE 

identifier in the lead sentence.

Summary

=======

The following CVE has been added to the December 2018 Security

Updates:

* CVE-2018-8653

Revision Information:

=====================

- CVE-2018-8653 | Scripting Engine Memory Corruption

  Vulnerability

- https://portal.msrc.microsoft.com/en-us/security-guidance

- Reason for Revision: Information published.

- Originally posted: December 19, 2018

- Updated: N/A

- Aggregate CVE Severity Rating: Critical

- Version: 1.0

********************************************************************

Title: Microsoft Security Update Releases

Issued: December 11, 2018

********************************************************************

Summary

=======

The following CVEs have undergone a major revision increment:

* CVE-2018-0952

* CVE-2018-8650

Revision Information:

=====================

- CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of

  Privilege Vulnerability

- https://portal.msrc.microsoft.com/en-us/security-guidance

- Reason for Revision: Security update 4463110 is being replaced 

  by security update 4469516 for Microsoft Visual Studio 2015 

  Update 3. Customers who have this version of Visual Studio

  installed should install the new security update.

- Originally posted: August 14, 2018

- Updated: December 11, 2018

- Aggregate CVE Severity Rating: Important

- Version: 4.0

- CVE-2018-8650 | Microsoft Office SharePoint XSS Vulnerability

- https://portal.msrc.microsoft.com/en-us/security-guidance

- Reason for Revision: Information published.

- Originally posted: December 11, 2018

- Updated: N/A

- Aggregate CVE Severity Rating: Important

- Version: 1.0

********************************************************************

Microsoft Security Update Summary for December 11, 2018

Issued: December 11, 2018

********************************************************************

This summary lists security updates released for December 11, 2018.

Complete information for the December 2018 security update release 

Can be found at

<https://portal.msrc.microsoft.com/en-us/security-guidance>.

Please note the following information regarding the security updates:

* A list of the latest servicing stack updates for each operating 

system can be found in [ADV990001](https://portal.msrc.microsoft.com

/en-us/security-guidance/advisory/ADV180026). This list will be 

updated whenever a new servicing stack update is released. It is 

important to install the latest servicing stack update.

* Windows 10 updates are cumulative. The monthly security release 

includes all security fixes for vulnerabilities that affect Windows 

10, in addition to non-security updates. The updates are available 

cvia the [Microsoft Update 

Catalog](http://catalog.update.microsoft.com/v7/site/Home.aspx).

* Starting in March 2017, a delta package will be available on the 

Microsoft Update Catalog for Windows 10 version 1607 and newer. This 

delta package contains just the delta changes between the previous 

month and the current release.

* Updates for Windows RT 8.1 and Microsoft Office RT software are 

only available via [Windows 

Update](http://go.microsoft.com/fwlink/?LinkId=21130).

* For information on lifecycle and support dates for Windows 10 

operating systems, please see [Windows Lifecycle Facts 

Sheet](https://support.microsoft.com/en-us/help/13853/windows-

lifecycle-fact-sheet).

* In addition to security changes for the vulnerabilities, updates 

include defense-in-depth updates to help improve security-related 

features.

Critical Security Updates

============================

ChakraCore

Microsoft Edge

Internet Explorer 11

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1703 for 32-bit Systems

Windows 10 Version 1703 for x64-based Systems

Windows 10 version 1709 for 32-bit Systems

Windows 10 version 1709 for x64-based Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server, version 1709 (Server Core Installation)

Windows Server, version 1803 (Server Core Installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Microsoft .NET Framework 3.5

Microsoft .NET Framework 3.5.1

Microsoft .NET Framework 4.5.2

Microsoft .NET Framework 4.6

Microsoft .NET Framework 4.6.2

Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2

Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2

Microsoft .NET Framework 4.7.1/4.7.2

Microsoft .NET Framework 4.7.2

Microsoft .NET Framework 4.7/4.7.1/4.7.2

Important Security Updates

============================

Internet Explorer 9

Internet Explorer 10

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core 

installation)

Windows Server 2008 for Itanium-Based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core 

installation)

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server

Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Excel Services installed on Microsoft SharePoint Server 2010 Service

Pack 2

Microsoft Excel 2010 Service Pack 2 (32-bit editions)

Microsoft Excel 2010 Service Pack 2 (64-bit editions)

Microsoft Excel 2013 RT Service Pack 1

Microsoft Excel 2013 Service Pack 1 (32-bit editions)

Microsoft Excel 2013 Service Pack 1 (64-bit editions)

Microsoft Excel 2016 (32-bit edition)

Microsoft Excel 2016 (64-bit edition)

Microsoft Excel Viewer 2007 Service Pack 3

Microsoft Office 2010 Service Pack 2 (32-bit editions)

Microsoft Office 2010 Service Pack 2 (64-bit editions)

Microsoft Office 2016 for Mac

Microsoft Office 2019 for 32-bit editions

Microsoft Office 2019 for 64-bit editions

Microsoft Office 2019 for Mac

Microsoft Office Compatibility Pack Service Pack 3

Microsoft Office Online Server

Microsoft Office Web Apps 2010 Service Pack 2

Microsoft Office Web Apps 2013 Service Pack 1

Microsoft Outlook 2010 Service Pack 2 (32-bit editions)

Microsoft Outlook 2010 Service Pack 2 (64-bit editions)

Microsoft Outlook 2013 RT Service Pack 1

Microsoft Outlook 2013 Service Pack 1 (32-bit editions)

Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Microsoft Outlook 2016 (32-bit edition)

Microsoft Outlook 2016 (64-bit edition)

Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions)

Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions)

Microsoft PowerPoint 2013 RT Service Pack 1

Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions)

Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions)

Microsoft PowerPoint 2016 (32-bit edition)

Microsoft PowerPoint 2016 (64-bit edition)

Microsoft PowerPoint Viewer

Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Microsoft SharePoint Enterprise Server 2016

Microsoft SharePoint Foundation 2010 Service Pack 2

Microsoft SharePoint Server 2010 Service Pack 2

Microsoft SharePoint Server 2013 Service Pack 1

Microsoft SharePoint Server 2019

Office 365 ProPlus for 32-bit Systems

Office 365 ProPlus for 64-bit Systems)

Windows Azure Pack Rollup 13.1

Microsoft Visual Studio 2015 Update 3

Microsoft Visual Studio 2017

Microsoft Visual Studio 2017 version 15.9

Microsoft Dynamics NAV 2016

Microsoft Dynamics NAV 2017

Microsoft Exchange Server 2016 Cumulative Update 10

Microsoft Exchange Server 2016 Cumulative Update 11

********************************************************************

Title: Microsoft Security Advisory Notification

Issued: December 11, 2018

********************************************************************

Security Advisories Released or Updated on December 11, 2018

===================================================================

* Microsoft Security Advisory ADV990001

- ADV990001 | Latest Servicing Stack Updates

- https://portal.msrc.microsoft.com/en-us/security-guidance/

  advisory/ADV990001

- Reason for Revision: A Servicing Stack Update has been released 

  for Windows 10 Version 1709, Windows Server, version 1709 

  (Server Core Installation), Windows 10 Version 1803, and Windows

  Server, version 1803 (Server Core Installation). See the FAQ 

  section for more information.

- Originally posted: November 13, 2018

- Updated: December 11, 2018

- Version: 3.0

********************************************************************

Title: Microsoft Security Advisory Notification

Issued: December 5, 2018

********************************************************************

Security Advisories Released or Updated on December 5, 2018

===================================================================

* Microsoft Security Advisory ADV180031

- ADV180031 | December 2018 Adobe Flash Security Update

- https://portal.msrc.microsoft.com/en-us/security-guidance/

  advisory/ADV180031

- Reason for Revision: Information published.

- Originally posted: December 5, 2018

- Updated: N/A

- Version: 1.0

* Microsoft Security Advisory ADV990001

- ADV990001 | Latest Servicing Stack Updates

- https://portal.msrc.microsoft.com/en-us/security-guidance/

  advisory/ADV990001

- Reason for Revision: FAQs have been added to further explain 

  Security Stack Updates, The FAQs include a table that indicates

  the most recent SSU release for each Windows version. This is an

  informational change only.

- Originally posted: November 13, 2018

- Updated: December 3, 2018

- Version: 1.2

* Microsoft Security Advisory ADV990001

- ADV990001 | Latest Servicing Stack Updates

- https://portal.msrc.microsoft.com/en-us/security-guidance/

  advisory/ADV990001

- Reason for Revision: A Servicing Stack Update has been released 

  for Windows 10 Version 1809 and Windows Server 2019. See the 

  FAQ section for more information.

- Originally posted: November 13, 2018

- Updated: December 5, 2018

- Version: 2.0

********************************************************************

Title: Microsoft Security Advisory Notification

Issued: November 27, 2018

********************************************************************

Security Advisories Released or Updated on November 27, 2018

===================================================================

* Microsoft Security Advisory ADV180029

- ADV180029 | Inadvertently Disclosed Digital Certificates 

  Could Allow Spoofing

- https://portal.msrc.microsoft.com/en-us/security-guidance/

  advisory/ADV180029

- Reason for Revision: Information published.

- Originally posted: November 27, 2018

- Updated: N/A

- Version: 1.0