Microsoft security updates

Number: AV18-112
Date: 10 July 2018

Purpose

The purpose of this advisory is to bring attention to recently released Microsoft security updates.

Assessment

This advisory covers multiple support package deployments addressing multiple vulnerabilities in various Microsoft products.

Products Affected:

• Adobe Flash Player
• ASP.NET
• ChakraCore
• Internet Explorer
• PowerShell Editor Services
• PowerShell Extension for Visual Studio Code
• Microsoft Edge
• Microsoft Lync
• Microsoft Office
• Microsoft Office Services and Web Apps
• Microsoft Research JavaScript Cryptography Library
• Microsoft Visual Studio
• Microsoft Windows
• Microsoft Wireless Display Adapter V2 Software
• Microsoft .NET Framework
• Skype for Business
• Web Customizations for Active Directory Federation Services

CVE References:
CVE-2018-8260, CVE-2018-8281, CVE-2018-8282, CVE-2018-8282, CVE-2018-8299, CVE-2018-8300,
CVE-2018-8310, CVE-2018-8323, CVE-2018-8326, CVE-2018-8327

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

• https://portal.msrc.microsoft.com/en-us/security-guidance
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012