Welcome to our monthly overview of Microsoft's Windows security updates. We provide you with full details of all released security and non-security updates for Windows and other Microsoft products.
Check out the executive summary at the top if you are in a hurry, or go through the list of released updates and click on the links that point to Microsoft's Knowledgebase to look up additional information.
The overview includes the vulnerability distribution per client and server operating system, as well as for Edge and Internet Explorer, the list of patches, download information, and information about Microsoft Office and security advisories.
Microsoft planned to release the Windows 10 Spring Creators Update, version 1803 today, but it appears that the release has been delayed.
You may download the following Excel spreadsheet that lists all published security updates for all Microsoft products on the April 2018 Patch day: Windows Security Updates April 2018
Windows Server products
Other Microsoft Products
Microsoft released an update for the Microsoft Malware Protection Engine on April 3, 2018.
KB4093112 -- Windows 10 version 1709
KB4093107 -- Windows 10 version 1703
KB4093119 -- Windows 10 version 1607
KB4093108 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 -- Security Only
KB4093115 -- Windows 8.1 and Windows Server 2012 R2
KB4093114 -- Windows 8.1 and Windows Server 2012 R2
KB4093118 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 -- Monthly Rollup
KB4093110 -- Security update for Adobe Flash Player: April 10, 2018
KB4091756 -- Windows XP Embedded and Windows Server 2008 -- Denial of Server vulnerability
KB4092946 -- Cumulative Security Update for Internet Explorer
KB4093108 -- Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4093118 -- Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4093123 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4093122 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012
KB4093109 -- Cumulative Security Update for Windows 10 Version 1511
KB4093111 -- Cumulative Security Update for Windows 10
KB4093223 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Patches Microsoft graphics remote code execution issue.
KB4093224 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Fixes Microsoft graphics component denial of service vulnerability.
KB4093227 -- Security Update for Windows Server 2008 -- security update for the Windows Remote Desktop Protocol (RDP) denial of service vulnerability
KB4093257 -- Security Update Windows Server 2008 and Windows XP Embedded -- patches a buffer overflow vulnerability in the Microsoft JET Database engine and an elevation of privilege vulnerability in Windows Adobe Type Manager Font Driver.
KB4093478 -- Security Update for Windows Server 2008 -- patches information disclosure vulnerability.
KB4101864 -- Security Update for WES09 and POSReady 2009 for x86-based Systems
Windows 10 version 1709
Windows Update History reports that updates did not install because of 0x80070643 even though they did install.
Windows 7 and Windows Server 2008 R2
ADV180007 -- April 2018 Adobe Flash Security Update
KB4089848 for Windows 10 version 1709 -- non security update that fixes lots of issues.
KB4093137 -- Update for Windows 10 Version 1607 -- Servicing stack update for Windows 10, version 1607
KB4093430 -- Update for Windows 10 Version 1507 --Servicing stack update for Windows 10, version 1507
KB4093432 -- Update for Windows 10 Version 1703 -- Servicing stack update for Windows 10, version 1703
KB4099989 -- Windows 10 Version 1709 -- Servicing stack update for Windows 10, version 1709
KB890830 -- Windows Malicious Software Removal Tool
Office 2016
KB4018337 -- Excel 2016: security update that patches a remote code execution vulnerability and includes non-security improvements.
KB4011628 -- Office 2016: patches remote code execution vulnerability
KB4018319 -- Office 2016: patches remote code execution vulnerability and includes non-security improvements
KB4018328 -- Office 2016: patches remote code execution vulnerability and includes non-security improvements.
KB4018339 -- Word 2016: patches remote code execution vulnerability and includes non-security improvements.
KB4011667 -- Office 2016: fixes crash that occurs when adding an account that has already signed in.
KB4018322 -- Office 2016: blocks minors from running or obtaining add-ins without parental consent from the online store, and adds translation for the message why an Office add-on cannot be loaded.
KB4018329 -- Office 2016: update for Office 2016 Language Interface Pack.
KB4018326 -- Outlook 2016: adds support for Sync Slider, improves some translations, an issue with favorite folders disappearing under certain circumstances, and an issue where the recipients name may be removed from the recipient list if it matches the sender's display name.
KB4011726 -- PowerPoint 2016: adds help message for Microsoft Equation 3.0 and translation of the message that informs about the end of support for Microsoft Equation 3.0.
KB4018320 -- Project 2016:Â fixes a Project opening issue that results in the error message "Sorry, we were unable to open your project. Please try again. If this happens again, contact your administrator.". Fixes a crash furthermore, an issue with Change Working Time dialog boxes, and introduces new information to projects saved in XML format.
Tip: you can restore simple saving by setting SimpleXmlexport to the value of 1 in HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\MS Project\Options\Save\
KB4018323 -- Skype for Business 2016 update.
Office 2013
KB4018347 -- Word 2013: patches remote code execution and includes non-security improvements.
KB4018350 -- Excel 2013: patches remote code execution vulnerability and includes non-security improvements.
KB4018330 -- Office 2013: patches remote code execution vulnerability and includes non-security fixes.
KB4018288 -- Office 2013: Patches remote code execution vulnerability
KB3178636 -- Office 2013: fixes a crash in Outlook 2013 when opening messages that contain byte-order mark or zero-width non-breaking space characters in the body.
KB4018333 -- Office 2013: adds translations of messages that inform users why an Office add-in could not be loaded. Also, minors require parental consent to obtain or run add-ins from the online store.
KB4018303 -- Outlook 2013: fixes a crash in Outlook, custom forms with Visual Basic Script issue in shared calendars, sent emails appearing in the wrong Sent Items folder, and authentication prompt that were locked behind the main Outlook window.
KB4018289 -- Powerpoint 2013: same as KB4011726
KB4018335 -- Project 2013: same as KB4018320
KB4018334 -- Skype for Business 2015 update.
Office 2010
KB4018362 -- Excel 2010 security update
KB4018359 -- Word 2010 security update
KB4018357 -- Office 2013 security update
KB4018311 -- Office 2013 security update
KB2965234 -- PowerPoint 2010: Adds "appropriate help message" for Microsoft Equation 3.0.
KB4018312 -- same as KB2965234 but for PowerPoint Viewer.
KB3128038 -- Project 2010: adds new information to saved projects in XML format including name of views, tables, filters, groups, and more.
KB4018317 -- Outlook 2010: custom forms with Visual Basic Script doesn't run in shared calendars.
Update: Microsoft did release patches for Office 2007, SharePoint Server 2016, SharePoint Server 2013, Project Server 2013, and SharePoint Foundation 2013, and SharePoint Server 2013 as well.
Microsoft distributes updates via Windows Update to consumer systems. All versions of Windows are configured to check for, download and install important updates when they are published.
You may run a manual check for updates to pick up the updates as early as possible as the update checking does not happen in realtime.
Windows runs a check for updates and will download and install those it finds automatically.
Note: It is recommended that you create a backup of the system before you install updates as they may break things.
Updates for all supported versions of Windows may also be downloaded from the Microsoft Update Catalog website. Just click on the direct links below to do so.
Windows 7 SP1 and Windows Server 2008 R2 SP
Windows 8.1 and Windows Server 2012 R2
Windows 10 and Windows Server 2016 (version 1607)
Windows 10 (version 1703)
Windows 10 (version 1709)
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.