Number: AV18-132
Date: 15 August 2018
Purpose
The purpose of this advisory is to bring attention to recently released Microsoft security updates.
Assessment
This advisory covers multiple support package deployments addressing multiple vulnerabilities in various Microsoft products.
Products Affected:
- Adobe Flash Player
- ChakraCore
- Internet Explorer
- Microsoft Edge
- Microsoft Exchange Server
- Microsoft Office
- Microsoft Office Services and Web Apps
- Microsoft SQL Server
- Microsoft Visual Studio
- Microsoft Windows
- Microsoft .NET Framework
CVE References:
CVE-2018-3615, CVE-2018-3620, CVE-2018-3646, CVE-2018-3665, CVE-2018-8273, CVE-2018-8341,
CVE-2018-8348, CVE-2018-8351, CVE-2018-8360, CVE-2018-8370, CVE-2018-8378, CVE-2018-8382,
CVE-2018-8394, CVE-2018-8396, CVE-2018-8398, CVE-2018-12824, CVE-2018-12825, CVE-2018-12826,
CVE-2018-12827, CVE-2018-12828
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
- https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ecb26425-583f-e811-a96f-000d3a33c573
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180016
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180020