Microsoft Windows Security Updates September 2018 release overview

windows security updates september 2018
Martin Brinkmann
Sep 11, 2018
Updated • Sep 12, 2018
Microsoft, Windows Updates
|
22

Today is the second Tuesday of the month and that means that Microsoft has just released security updates for all supported company products.

The August 2018 Patch Day was rather uneventful, especially if you compare it to the July 2018 Patch Day which introduced quite a few serious issues.

Microsoft released security updates for all versions of Windows the company supports officially, for Microsoft Office, and for other company products.

The updates are already available on Windows Update, the Microsoft Download Center, and through other means.

Our monthly series provides you with an overview of this month's security updates and non-security updates that Microsoft released. Links are provided to read up on particular patches on Microsoft's Support website and there is a handy resource listing at the end for deeper information.

Note: We recommend that you wait with the installation of updates until the dust settles. Updates may fix issues but they may also introduce severe issues that may cause all kinds of issues. In any case, we recommend that you create a backup of the system before you install Windows updates.

Microsoft Windows Security Updates September 2018

You may download the following Excel file that lists all released security updates for all Microsoft products in September 2018. Click on the following link to download the file to your system: Security Updates Windows Microsoft September 2018

Executive Summary

  • Microsoft released security updates for all supported client and server versions of Windows.
  • The following Microsoft products received security updates as well: Microsoft Edge, Internet Explorer, Microsoft Office, Adobe Flash Player, the Microsoft .NET Framework.
  • Microsoft revealed this week that Enterprise customers may extend the support period of Windows 7 by three years.
  • 127 individual patches according to Microsoft Update Catalog.

Operating System Distribution

  • Windows 7: 18 vulnerabilities of which 3 are critical and 15 are important.
  • Windows 8.1: 22 vulnerabilities of which 4 are critical and 18 are important.
  • Windows 10 version 1703: 25 vulnerabilities of which 5 are critical and 18 are important. (extra critical is CVE-2018-0965)
  • Windows 10 version 1709: 24 vulnerabilities of which 4 are critical and 20 are important.
  • Windows 10 version 1803: 29 vulnerabilities of which 5 are critical and 24 are important. (extra critical is CVE-2018-0965)

Windows Server products

  • Windows Server 2008 R2: 18 vulnerabilities of which 3 are critical and 15 are important.
  • Windows Server 2012 R2: 22 vulnerabilities of which 4 are critical and 18 are important.
  • Windows Server 2016: 25 vulnerabilities of which 5 are critical and 20 are important.

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities, 3 critical, 3 important
  • Microsoft Edge: 13 vulnerabilities, 7 critical, 6 important

Windows Security Updates

Note: Some Windows 7 systems hit by error 0x8000FFFF when trying to install KB4457144. Best to avoid until resolved.

KB4457144 -- Windows 7 SP1 Monthly Rollup

KB4457145 -- Windows 7 SP1 Security-only Rollup

  • Security updates for various components such as Windows media, Windows Shell, Windows kernel, or Windows MSXML.

KB4457129 -- Windows 8.1 Monthly Rollup

KB4457143 -- Windows 8.1 Security-only Rollup

  • Same description as for Windows 7 SP1.

KB4457138 -- Windows 10 version 1703 cumulative update

  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows media, Windows Shell, Device Guard, Windows datacenter networking, Windows kernel, Windows hyper-V, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXM, and Windows Server.

KB4457142 -- Windows 10 version 1709 cumulative update

  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows graphics, Windows media, Windows Shell, Windows cryptography, Windows virtualization and kernel, Windows datacenter networking, Windows hyper-V, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

KB4457128 -- Windows 10 version 1803 cumulative update

  • Protection against CVE-2017-5715, a Spectre 2 variant for ARM64 devices.
  • Fixed excessive processor usage by the Program Compatibility Assistant service.
  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows media, Windows Shell, Windows Hyper-V, Windows datacenter networking, Windows virtualization and kernel, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

KB4457131 -- Windows Server 2016 cumulative update -- Requires Servicing Stack Update KB4132216

  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows media, Windows Shell, Device Guard, Windows Hyper-V, Windows catacenter networking, Windows kernel, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

KB4457426 -- Internet Explorer 11 cumulative update

KB4338381 -- Windows Embedded POSReady 2009 and Windows Embedded Standard

KB4457046 -- Windows Embedded POSReady 2009 and Windows Embedded Standard

  • .Net Framework 4.0 Security-only update

KB4457058 -- Windows Embedded POSReady 2009 and Windows Embedded Standard

  • .Net Framework 3.0 Security-only update

KB4457140 -- Windows Embedded 8 Standard and Windows Server 2012

  • Security Only Quality Update

KB4457146 -- Security Update for Adobe Flash Player

KB4457163 -- Windows Embedded POSReady 2009 and Windows Embedded Standard

  • Elevation of privilege vulnerability. See CVE-2018-8468 for details.

KB4457914 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4457915 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4457916 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4457917 -- Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4457918 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4457919 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4457920 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4457921 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4462774 -- Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4457984 -- Security Only Quality Update for Windows Server 2008

KB4458000 -- Security Update for WES09 and POSReady 2009

KB4458001 -- Security Update for WES09 and POSReady 2009

KB4458003 -- Security Update for WES09 and POSReady 2009

KB4458006 -- Security Update for WES09 and POSReady 2009

KB4458010 -- Security Monthly Quality Rollup for Windows Server 2008

KB4458318 -- Security Update for WES09 and POSReady 2009

Notes

Known Issues

-> Windows 7 SP1 and Server 2008 R2

Network interface controller may stop working after the update is installed.

Workaround:

  • Load devmgmt.msc the Device Manager and check under Other Devices.
  • Select Action > Scan for Hardware Changes.

-> Windows 10 version 1803

Listed as having issues in the release notes but no known issues listed on the KB support page.

-> Exchange Server 2010 SP3

A manual install of the security update in normal mode and double-clicking on the update file causes some files to be updated incorrectly.

Security advisories and updates

ADV180022 | Not yet published

ADV180023 | September 2018 Adobe Flash Security Update

Non-security related updates

KB4023057 -- All Windows 10 editions -- Reliability update, check this article.

KB4456655 -- Windows Server 1803 Servicing stack update

KB890830 -- Windows Malicious Software Removal Tool - September 2018

Microsoft Office Updates

Microsoft released non-security patches for Microsoft Office last month. You can check out our coverage of the September 2018 Office non-security updates here.

Office 2016

KB4092460 -- Excel 2016 security update that protects against a remote code execution vulnerability. See CVE-2018-8429.

Kb4092447 -- Word 2016 security update that protects against a remote code execution vulnerability. See CVE-2018-8430 for information.

  • Word 2016 specific: fixes issues that lead to the error messages "The export failed due to an unexpected error.", "Word couldn't send mail because of MAPI failure:"Attachment not found".", and "A table in this document has become corrupted.".

Office 2013

KB4032246 -- Word 2013 security update. Same as for Word 2016.

KB4092479 -- Excel 2013 security update. Same as for Excel 2016.

Office 2010

KB4227175 -- Excel 2010 security update. Same as for Excel 2016.

Other Office Products

Kb4092466 -- Microsoft Office Compatibility Pack Service Pack 3

KB4092467 -- Excel Viewer 2007

KB4092459 -- SharePoint Enterprise Server 2016

KB4092470 -- SharePoint Enterprise Server 2013

KB4022207 -- SharePoint Server 2010

How to download and install the September 2018 security updates

windows security updates september 2018

All security updates are released via Windows Update, the Microsoft Update Catalog, and various services that are available only to

Updates scans are made regularly by the operating system but they don't happen in real-time. You can run a manual check for updates at any time in the following way on client versions of Windows:

  1. Tap on the Windows-key or activate the Start button with the mouse.
  2. Type Windows Update and select the program from the list of search results.
  3. Select check for updates to run the manual check.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4457144 -- 2018-09 Security Monthly Quality Rollup for Windows 7
  • KB4457145 — 2018-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4457129  — 2018-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4457143  — 2018-09 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4457131 — 2018-09 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  •  KB4457138  — 2018-09 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4457142  — 2018-09 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4457128 — 2018-09 Cumulative Update for Windows 10 Version 1709

Additional resources

 

Summary
Microsoft Windows Security Updates September 2018 release overview
Article Name
Microsoft Windows Security Updates September 2018 release overview
Description
A detailed overview of all security and non-security patches that Microsoft released on the September 2018 Patch Tuesday.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Related content

Microsoft's CEO admits Bing is inferior to Google, but a deal with Apple could change it

Microsoft's CEO admits Bing is inferior to Google, but a deal with Apple could change it

Microsoft 365 Basic: access to OneDrive advanced security features coming

Fixing OneDrive's "Your account is currently unavailable" error message

Microsoft offers an explanation for the hack of its cloud
Apple and Microsoft want EU to remove iMessage and Bing from the ‘gatekeeper’ list

Apple and Microsoft want EU to remove iMessage and Bing from the ‘gatekeeper’ list

OneDrive: photos in albums count twice against a user's storage quota

Tutorials & Tips

How to make a table of contents in Word?

How to recall an email in Outlook?

How to enable Microsoft Loop app?

Excel Keyboard Shortcuts


Previous Post: «
Next Post: «

Comments

  1. Some Dude said on March 19, 2023 at 11:42 am
    Reply

    Are these articles AI generated?

    Now the duplicates are more obvious.

    1. boris said on March 19, 2023 at 11:48 pm
      Reply

      This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.

  2. Paul(us) said on March 20, 2023 at 1:32 am
    Reply

    Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
    1.) Excel Keyboard Shortcuts by Trevor Monteiro.
    2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro

    Why oh why?

    1. Clairvaux said on September 6, 2023 at 11:30 am
      Reply

      Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?

  3. John G. said on August 18, 2023 at 4:36 pm
    Reply

    Probably they will announce that the taskbar will be placed at top, right or left, at your will.

    Special event by they is a special crap for us.

  4. yanta said on August 18, 2023 at 11:59 pm
    Reply

    If it’s Microsoft, don’t buy it.
    Better brands at better prices elsewhere.

  5. John G. said on August 20, 2023 at 4:22 am
    Reply

    All new articles have zero count comments. :S

  6. Anonymous said on September 5, 2023 at 7:48 am
    Reply

    WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
    It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage

    I have O365 until end of this year, mostly for onedrive and probably will jump into google one

  7. St Albans Digital Printing Inc said on September 5, 2023 at 11:53 am
    Reply

    Photo storage must be kept free because customers chose gadgets just for photos and photos only.

  8. Anonymous said on September 5, 2023 at 12:47 pm
    Reply

    What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?

    1. GG said on September 6, 2023 at 8:24 am
      Reply

      Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.

      I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.

      And now that they discovered what poor management results in do they go back and do the album feature properly?

      Nope, just charge the customer twice.

      Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.

  9. d3x said on September 5, 2023 at 7:33 pm
    Reply

    When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?

  10. Scroogled said on September 5, 2023 at 10:47 pm
    Reply

    Instead of a software company, Microsoft is now a fraud company.

  11. ard said on September 7, 2023 at 4:59 pm
    Reply

    For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
    quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
    unquote

    so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.

  12. Andy Prough said on September 7, 2023 at 6:52 pm
    Reply

    >”Now You: what is your theory?”

    That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.

    Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.

  13. TelV said on September 8, 2023 at 12:04 pm
    Reply

    Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.

  14. Anonymous said on September 18, 2023 at 1:23 pm
    Reply

    The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2023 - All rights reserved