Microsoft Windows Security Updates August 2018 release overview - gHacks Tech News

Microsoft Windows Security Updates August 2018 release overview

Microsoft released security updates for Windows, Office, and other company products on the August 2018 Patch Tuesday (Update Tuesday).

Last month's Patch Day was not the the smoothest of them all as it had issues that affected all supported versions of Windows. Microsoft released three cumulative updates for Windows 10, one designed solely to fix issues caused by another. The Windows 7 and Windows 8.1 updates had bugs, and the .Net Framework patches caused issues on some systems they were installed on.

We recommend to wait with the installation of the updates for at least a couple of days to monitor reports about issues. If you have to install the updates, make sure you back up the system before you do so.

The overview covers updates for client and server versions of Windows, Microsoft Office, and other company products. It links to security advisories and support pages, lists direct downloads, and other information that is important for home users and system administrators alike.

Microsoft Windows Security Updates August 2018

You can download an Excel spreadsheet that contains all security updates that Microsoft released today. Just click on the following link to download it: microsoft-windows-august-2018-updates.zip

Executive Summary

  • Microsoft released updates for all versions of Windows, Microsoft Edge, Internet Explorer Microsoft Office, and other company products including Visual Studio, .NET Framework, Microsoft SQL Server, Microsoft Exchange Server, and Adobe Flash Player.
  • All client and server versions of Windows are affected by critical vulnerabilities.
  • Microsoft does not provide a general overview of resolved security issues anymore on support pages.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which  3 are critical and 12 are important.
  • Windows 8.1: 12 vulnerabilities of which 2 are critical and 10 are important.
  • Windows 10 version 1607: 21 vulnerabilities of which 2 are critical and 17 are important.
  • Windows 10 version 1703: 21 vulnerabilities of which 3 are critical and 18 are important.
  • Windows 10 version 1709: 22 vulnerabilities of which 3 are critical and 19 are important.
  • Windows 10 version 1803: 21 vulnerabilities of which 3 are critical and 18 are important.

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 3 are critical and 12 are important.
  • Windows Server 2012 R2: 13 vulnerabilities of which 2 are critical and 10 are important.
  • Windows Server 2016: 20 vulnerabilities of which 2 are critical and 18 are important.

Other Microsoft Products

  • Internet Explorer 11: 11 vulnerabilities, 6 critical, 5 important
  • Microsoft Edge: 16 vulnerabilities, 10 critical, 5 important, 1 low

Windows Security Updates

KB4343909 -- Windows 10 version 1803

  • Protection against a new speculative execution side-channel vulnerability known as L2 Terminal Fault affecting Intel Copre and Intel Xeon processors.
  • Fixed high CPU usage issue for AMD Family processors of the 15th and 16th generation  after installing the June or July 2018 updates from Microsoft and microcode updates.
  • Fixed an issue that prevent apps from receiving mesh updates.
  • IE and Edge support the preload="none" tag.
  • Fixed authentication issue for apps running on HoloLens.
  • Addressed a battery life issue that reduced battery significantly after the upgrade to version 1803.
  • Fixed Device Guard blocking some ieframe.dll class IDs after the May 2018 update.
  • Addressed a vulnerability related to Export-Modulemember() function.

KB4343897 -- Windows 10 version 1709

  • Similar to Windows 10 version 1803.
  • Fixed copy adding additional spaces to content copied from IE.
  • Fixed AzureAD being displayed as the default domain after the July 24, 2018 updates.
  • Token Binding protocol draft updated to 0.16

KB4343885 -- Windows 10 version 1703

  • Similar to Windows 10 version 1803.
  • Fixed a issue that caused Internet Explorer to stop working on some sites.

KB4343887 -- Windows 10 version 1607 and Server 2016

  • Similar to Windows 10 version 1703.

KB4343898 -- Windows 8.1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Support for preload="none" tag. Microsoft lists Edge but that is a copy/paste error.
  • Fixed device startup issue by installing KB3033055 released in September 2015 after installing any November 2017 or later update.

KB4343888 -- Windows 8.1 Security-only

  • Protections against L1 Terminal Fault as in the Windows 10 updates

KB4343900 -- Windows 7 SP1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Fixed high cpu usage issue for some AMD processors after installing June or July 2018 updates and AMD microcode updates.
  • Protections against Lazy Floating Point (FP) State Restore for 32-bit versions.

KB4343899 -- Windows 7 SP1 Security-only

  • Identical to KB4343900

KB4343205 -- Cumulative Update for Internet Explorer

KB4338380 -- Windows Server 2008 -- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

KB4340937 -- Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 -- A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects.

KB4340939 -- Windows Server 2008 -- A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

KB4341832 -- Windows Server 2008 -- L1TF variant vulnerabilities update.

KB4343674 -- Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 -- fixes remote code execution vulnerability and information disclosure vulnerability in GDI.

KB4343902 -- Security update for Adobe Flash Player

KB4344104 -- Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 -- Remote code execution vulnerability in the Windows font library.

KB4344159 -- Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4344180 -- Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4345590 --Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345591 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345592 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4345593 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4345679 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345680 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345681 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4345682 -- Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

Notes

The following CVEs have FAQs that offer additional information and may also list additional steps required to update.

Known Issues

Windows 10 version 1803

Windows 10 version 1703

  • Issues caused by the July 2018 Net Framework update -- Microsoft is working on a solution.

Windows 10 version 1709

  • Localization issues for some languages that may display a few strings in English and not the local version.

Windows 7 SP1

  • Issue with third-party software related to missing oem<number>.inf file still exists.

Microsoft Exchange Server 2013

  • Some files are not properly update when the updates KB4340731 or KB4340733 are installed without elevated privileges. Outlook Web Access and Exchange Control Panel may stop working.

Security advisories and updates

ADV180017 -- July 2018 Adobe Flash Security Update

ADV180018 -- Microsoft Guidance to mitigate L1TF variant

ADV180020 -- August 2018 Adobe Flash Security Update

ADV180021 | Microsoft Office Defense in Depth Update

Non-security related updates

KB4339284 -- Time zone and DST changes in Windows for North Korea

KB4340689 -- Dynamic Update for Windows 10 Version 1709

KB890830 -- Windows Malicious Software Removal Tool - August 2018

KB4346877 -- Update for Windows 10 version 1607 and Server 2016 -- Fixes the .Net Framework update issues introduced by the July 2018 .Net updates.

KB4340917 -- Update for Windows 10 version 1803 -- See our coverage of KB4340917 here.

KB4338817 -- Update for Windows 10 version 1709 -- Lots of bug fixes.

KB4338827 -- Update for Windows 10 version 1703 -- Lots of bug fixes.

KB4338822 -- Update for Windows 10 version 1607 and Server 2016 -- Lots of bug fixes.

KB4345421 -- Update for Windows 10 version 1803 -- See our coverage of KB4345421 here.

KB4345420 -- Update for Windows 10 version 1709 -- attempts to fix issues caused by the July 2018 updates.

KB4345419 -- Update for Windows 10 version 1703 -- attempts to fix issues caused by the July 2018 updates.

KB4345418 -- Update for Windows 10 version 1607 and Server 2016 -- attempts to fix issues caused by the July 2018 updates.

Microsoft Office Updates

Check out our coverage of all released non-security updates for Office in August 2018 here.

Office 2016

KB4032233 -- Security update for Office 2016 that patches an information disclosure vulnerability.

KB4032235 -- Security update for Outlook 2016 detailed in ADV180021. Includes a number of improvements as well:

  • Restricts users from adding cloud files as attachments to digitally signed, rights-protected, or encrypted email messages.
  • Improves first, middle, and last names label translations in French.
  • Fixes a crash in third-party MAPI applications.
  • Adds various translations.
  • Outlook 2016 may start in offline mode even when you set it to start in online mode. (Fixed?)
  • Fixes accessibility issue with the Security Support Provider Interface authentication prompt.
  • Dynamic CRM functionality is blocked. See for help.

KB4032229 -- Security update for Excel 2016 that resolves a remote code execution vulnerability. Also includes improvements:

  • Fixes hangs in Excel
  • Addresses high CPU usage when you unprotect workbookx in Protected View and edit them.
  • Fixes an Excel crash when you open a workbook with an XLL add-in to store and retrieve binary data.
  • German translation update for VLOOKUP function assistant help text.

Office 2013

KB4032239 -- Resolves information disclosure vulnerability. Enables People Picker control in the Office Document Information Panel.

KB4032241 --Resolves various security vulnerabilities in Excel 2013.

KB4032240 -- Fixes security issues in Outlook 2013. Includes the following improvements:

  • Same as KB4032235 for the most part.

Office 2010

KB3213636 -- Fixes vulnerabilities in Microsoft Office 2010 - CVE-2018-8378.

KB4022198 -- Fixes vulnerabilities in Microsoft Office 2010 - CVE-2018-8378.

KB4032223 -- Excel 2010 update that addresses CVE-2018-8375, CVE-2018-8379 and CVE-2018-8382.

KB4018310 -- PowerPoint 2010 security update that addresses CVE-2018-8376.

KB4032222 -- Outlook 2010 security update. See ADV180021

Other Office products

KB4092433 -- Word Viewer

KB4092434 -- Word Viewer

KB4032213 -- Excel Viewer 2007

KB4032212 -- Microsoft Office Compatibility Pack Service Pack 3

KB4022195 - Microsoft Office Viewers and Office Compatibility Pack

Also: SharePoint Server 2016, 2013 and 2010.

How to download and install the August 2018 security updates

microsoft windows security updates august 2018

Most home PCs that run Windows use Windows Update for update checks, downloads, and installs. Organizations use Enterprise-specific update tools usually to download and deploy updates.

The Microsoft Update Catalog website offers a third-option to download and install updates.

Windows users who use Windows Update can run manual checks for updates to get updates installed immediately when they are released.

While it is recommended that you wait before you install updates, as updates may break things (and have numerous times in the past), you may do the following to install them when they are available:

  1. Tap on the Windows-key to display the Start menu.
  2. Type Windows Update and select the option.
  3. Select check for updates to install the updates.

Note: We recommend that you create a backup of the system partition and important data before you install Windows updates.

Direct update downloads

All cumulative updates for supported versions of Windows are also provided as direct downloads from Microsoft's Download Center site.

Just click on the direct links below to do so.

Windows 7 SP1 and Windows Server 2008 R2 SP

  •  KB4343900-- 2018-08 Security Monthly Quality Rollup for Windows 7
  •  KB4343899 — 2018-08 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  •  KB4343898 — 2018-08 Security Monthly Quality Rollup for Windows 8.1
  •  KB4343888 — 2018-08 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  •  KB4343887 — 2018-08 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  •   KB4343885 — 2018-08 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  •  KB4343897 — 2018-08 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  •  KB4343909 — 2018-08 Cumulative Update for Windows 10 Version 1709

Additional resources

 

Summary
Microsoft Windows Security Updates August 2018 release overview
Article Name
Microsoft Windows Security Updates August 2018 release overview
Description
Our overview of the Microsoft August 2018 Patch Day lists all updates released for Windows, Office, and other Microsoft products, and more.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. dmacleo said on August 14, 2018 at 8:01 pm
    Reply

    looks like just now hit wsus. sync 2 hrs ago had nothing.
    yay time to test breaking shit.

  2. Belga said on August 14, 2018 at 10:31 pm
    Reply

    Thanks !

  3. JOhn IL said on August 14, 2018 at 11:29 pm
    Reply

    First time it failed install after re-start. Ran Windows update troubleshooter and ran update again. Installed properly second time. Really getting tired of this stuff, two months in a row. Only one of my Windows 10 PC’s got the update. I am running Windows 10 1803.

  4. John said on August 14, 2018 at 11:45 pm
    Reply

    I wonder why so many updates, because in one month we will have a complete new Windows 10 1809 upgrade ISO. So wasted time updating for upgrading, for God’s sake. Thank you Martin.

  5. Cinikal said on August 15, 2018 at 5:39 am
    Reply

    Windows 10 1803 64 bit update installed without any problems. See no difference in performance either, and with the state of things lately I am calling this win.

  6. TelV said on August 15, 2018 at 9:15 am
    Reply

    Re: KB4343888: in the following article at https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in it states in the “Warning” (pink background) that a CPU firmware upgrade is required. Does this mean the patch won’t do provide any protection if no such firmware has been installed?

    In tha respect, there isn’t any CPU firmware available for my system (it’s out of warranty).

  7. TelV said on August 15, 2018 at 9:53 am
    Reply

    M$ is getting pretty cagey designating their KB numbers for .NET Framework updates these days it seems. I went to the Catalog site for the security only updates for Windows 8.1 (x64) and KB4345681 is the appropriate version for my system.

    However, I haven’t installed any upgrades beyond 4.5.2 which means I have to separate the two that I do want from the three available. These are KB4344166, KB4344178 and KB4344171.

    Now then, logic would tell me that the first one would be for .NET Framework 3.5 and the last one, for 4.5.2, but this is where the cagey bit comes in. Microsoft is so keen to persuade users to install all the upgrades (currently up to 4.7.2 I believe) so now they designate them in reverse order presumably to catch the unwary to install the latest versions.

    So if your like me and only want the patches for up to 4.5.2, you can dispense with KB4344166 because that’s intended for the 4.7.1 and 4.7.2. Here’s the info links to the other two:
    https://support.microsoft.com/en-in/help/4344178/description-of-the-security-only-update-for-net-framework-3-5-for-wind
    https://support.microsoft.com/en-au/help/4344171/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi

    1. Kofi said on August 15, 2018 at 3:24 pm
      Reply

      I could not agree more with how Micrcosoft Organizes that listing for .NET. I know there are alot of versions but then to bundle all three together on the catalog with little explanation can be frustrating.

      1. John said on August 15, 2018 at 7:23 pm
        Reply

        Completely agree. This is becoming madness, one friend of mine is unable the update .NET whatever the version with Windows Update, however he always can update installed versions downloading the package at Windows download web. Everything he downloaded through this way is installed with no advertisement but Windows Update never shows “own” updates. :(

  8. EP said on August 15, 2018 at 9:39 pm
    Reply

    Hi Martin

    it seems the August 2018 updates for Windows 10 versions 1703, 1709 & 1803 do resolve the July 2018 .NET problems.

    This note was recently added onto the MS KB articles for the KB4343909, KB4343897 & KB4343885 updates:
    -Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors.

  9. TelV said on August 17, 2018 at 4:18 pm
    Reply

    Just a quick side note re: Intel CPUs firmware. On the Intel site at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html it mentions that they released a microcode update three days ago on 14 August to address the issue.

    I checked with Acer a few minutes ago, but they’re still working on their version of respective firmware and will publish the results on their site a.s.a.p. But you might want to check with your own OEM as to when they’re likely to release a patch.

  10. Billy said on August 22, 2018 at 8:47 pm
    Reply

    This last round of updates (Windows 7) has essentially locked me out of any ability to control Windows Update settings. First thing I noticed that happened, was that I could not change update settings. It had changed itself to ‘always automatically download and install’, and I could not change this. Said I didn’t have Administrator privileges, even though I was logged into Admin account.

    After deleting AU subkey in RegEdit, I had control again. Or so I thought! Even with Updates turned off, the system will still automatically download and install. So, Windows has now decided to completely bypass any command related to Updates, and it now does as it wants.

    Not very impressed. To me, this is a huge problem. More than likely the first of many problems Microsoft will ‘introduce’ to push people away from Windows 7. Wonder what they’ll gimp next?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.