SHARE

You’re hard at work on your computer or device and a message suddenly pops up saying, “a software update is available”. You’re busy, so you click “cancel” instead of “install”, thinking you’ll get to it later, but you never do. Sound familiar? But some Updates Like this one,are important as they often include critical patches to security holes.

Microsoft has released its latest patch,November Patch Tuesday, for addressing 53 different vulnerabilities.Out of 53 vulnerabilities, 17 are rated critical, 34 important, one moderate and one as low in severity.

The July security release consists of security updates for the following software:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ChakraCore
  • Adobe Flash Player
  • .NET Framework
  • ASP.NET
  • Microsoft Research JavaScript Cryptography Library
  • Skype for Business and Microsoft Lync
  • Visual Studio
  • Microsoft Wireless Display Adapter V2 Software
  • PowerShell Editor Services
  • PowerShell Extension for Visual Studio Code
  • Web Customizations for Active Directory Federation Service.
    In this Microsoft Security Updates provided a complete guide list for this July updates with affected prooduct and vulnerabilities detail.

    Microsoft Security Updates

    Microsoft Scripting Engine

    Microsoft Scripting Engine CVE-2018-8294 Chakra Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8280 Chakra Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8242 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8125 Microsoft Edge Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8298 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8287 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8288 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8290 Chakra Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8279 Microsoft Edge Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8283 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8286 Chakra Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8275 Microsoft Edge Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8296 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8291 Scripting Engine Memory Corruption Vulnerability
    Microsoft Scripting Engine CVE-2018-8276 Scripting Engine Security Feature Bypass Vulnerability

    Microsoft Office

    Microsoft Office CVE-2018-8281 Microsoft Office Remote Code Execution Vulnerability
    Microsoft Office CVE-2018-8323 Microsoft SharePoint Elevation of Privilege Vulnerability
    Microsoft Office CVE-2018-8300 Microsoft SharePoint Remote Code Execution Vulnerability
    Microsoft Office CVE-2018-8312 Microsoft Access Remote Code Execution Vulnerability
    Microsoft Office CVE-2018-8299 Microsoft SharePoint Elevation of Privilege Vulnerability
    Microsoft Office CVE-2018-8310 Microsoft Office Tampering Vulnerability

    Microsoft Windows

    Microsoft Windows CVE-2018-8308 Windows Kernel Elevation of Privilege Vulnerability
    Microsoft Windows CVE-2018-8309 Windows Denial of Service Vulnerability
    Microsoft Windows CVE-2018-8305 Windows Mail Client Information Disclosure Vulnerability
    Microsoft Windows CVE-2018-8206 Windows FTP Server Denial of Service Vulnerability
    Microsoft Windows CVE-2018-8319 MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
    Microsoft Windows CVE-2018-8313 Windows Elevation of Privilege Vulnerability

    Microsoft Edge

    Microsoft Edge CVE-2018-8289 Microsoft Edge Information Disclosure Vulnerability
    Microsoft Edge CVE-2018-8301 Microsoft Edge Memory Corruption Vulnerability
    Microsoft Edge CVE-2018-8325 Microsoft Edge Information Disclosure Vulnerability
    Microsoft Edge CVE-2018-8324 Microsoft Edge Information Disclosure Vulnerability
    Microsoft Edge CVE-2018-8297 Microsoft Edge Information Disclosure Vulnerability
    Microsoft Edge CVE-2018-8274 Microsoft Edge Memory Corruption Vulnerability
    Microsoft Edge CVE-2018-8278 Microsoft Edge Spoofing Vulnerability
    Microsoft Edge CVE-2018-8262 Microsoft Edge Memory Corruption Vulnerability

    .NET Framework

    .NET Framework CVE-2018-8284 .NET Framework Remote Code Injection Vulnerability
    .NET Framework CVE-2018-8260 .NET Framework Remote Code Execution Vulnerability
    .NET Framework CVE-2018-8202 .NET Framework Elevation of Privilege Vulnerability
    .NET Framework CVE-2018-8356 .NET Framework Security Feature Bypass Vulnerability

    Other Products

    Visual Studio CVE-2018-8172 Visual Studio Remote Code Execution Vulnerability
    Visual Studio CVE-2018-8232 Microsoft Macro Assembler Tampering Vulnerability
    Windows Kernel CVE-2018-8282 Win32k Elevation of Privilege Vulnerability
    Windows Shell CVE-2018-8314 Windows Elevation of Privilege Vulnerability

     

    Microsoft Windows DNS CVE-2018-8304 Windows DNSAPI Denial of Service Vulnerability
    Microsoft WordPad CVE-2018-8307 WordPad Security Feature Bypass Vulnerability
    Skype for Business and   Microsoft Lync CVE-2018-8238 Skype for Business and Lync Security Feature Bypass Vulnerability
    Skype for Business and  Microsoft Lync CVE-2018-8311 Remote Code Execution Vulnerability in Skype For Business and Lync
    Microsoft               PowerShell CVE-2018-8327 PowerShell Editor Services Remote Code Execution Vulnerability

     

    Active Directory CVE-2018-8326 Open Source Customization for Active Directory Federation Services XSS Vulnerability
    ASP.NET CVE-2018-8171 ASP.NET Security Feature Bypass Vulnerability
    Device Guard CVE-2018-8222 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    Internet Explorer CVE-2018-0949 Internet Explorer Security Feature Bypass Vulnerability
    Microsoft Devices CVE-2018-8306 Microsoft Wireless Display Adapter Command Injection Vulnerability

    Users are strongly advised to apply security patches as soon as possible to keep hackers and cyber criminals away from taking control of their computers.

    HOW TO INSTALL

    If you wish to install these latest November Patch Tuesday fixes, you just have to access the“Settings” portal on your device.

    Then, move to “Update and Security” and go to “Windows Update.” Next, move on to “Check for Updates.”

    It is also possible to install the latest security patches manually.

LEAVE A REPLY

Please enter your comment!
Please enter your name here