Microsoft Windows Security Updates November 2018 release overview

Martin Brinkmann
Nov 13, 2018
Updated • Nov 14, 2018
Companies, Microsoft
|
28

Microsoft released security updates for all supported operating systems -- client and server -- and other company products on the November 2018 Patch Tuesday.

Microsoft pulled the October 2018 Update for Windows 10 days after its release because of a data loss bug that affected some systems. Microsoft re-released the update that brings Windows 10 to version 1809 today. Microsoft asks customers to wait until the update is offered to their device.

Read our guide on delaying Windows 10 feature updates if you want to wait with the installation of the update.

You can read about last month's security updates here.

Note: It is highly recommended that you create backups of the system before you install updates.

Microsoft Windows Security Updates November 2018

You may download an Excel spreadsheet that lists all security updates that Microsoft released for supported versions of Windows and other company products in November 2018. Just click on the following link to do so: (Download Removed)

Executive Summary

  • Microsoft released security updates for all supported versions of Windows.
  • Security updates are also available for Internet Explorer, Microsoft Edge, and other company products
  • Microsoft released Windows Server 2019 today.
  • The Windows 10 October 2018 Update is available again.
  • Microsoft promises to do better patch-wise.

Operating System Distribution

  • Windows 7: 13 vulnerabilities of which 2 are critical and 11 are important.
  • Windows 8.1: 16 vulnerabilities of which 2 are critical and 14 are important.
  • Windows 10 version 1607:  18 vulnerabilities of which 2 are critical and 16 are important
  • Windows 10 version 1703:  16 vulnerabilities of which 1 is critical and 15 are important
  • Windows 10 version 1709: 18 vulnerabilities of which 1 is critical and 17 are important
  • Windows 10 version 1803: 17 vulnerabilities of which 1 is critical and 16 are important
  • Windows 10 version 1809: 17 vulnerabilities of which 1 is critical and 16 are important

Windows Server products

  • Windows Server 2008 R2: 13 vulnerabilities of which 3 are critical and 10 are important.
  • Windows Server 2012 R2: 16 vulnerabilities of which 3 are critical and 13 are important.
  • Windows Server 2016: 19 vulnerabilities of which 3 are critical and 16 are important.
  • Windows Server 2019: 18 vulnerabilities of which 2 are critical and 16 are important.

Other Microsoft Products

  • Internet Explorer 11: 1 vulnerability, important
  • Microsoft Edge: 2 vulnerabilities, 2 critical

Windows Security Updates

Windows 10 version 1809

KB4467708

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
  • Addresses an issue that prevents users from signing in to a Microsoft account (MSA) as a different user if signing in a second time.
  • Fixed an issue that prevented file system access to IoT UWP apps that require it.
  • Fixed an issue with the onscreen keyboard appearing during automated tests or installation of a physical keyboard.
  • Security updates to Microsoft Edge, Windows Scripting, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Kernel, Windows Server, and Windows Wireless Networking.

KB4465664

  • Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.

KB4470646

  • Security update that fixes an elevation of privilege vulnerability.

Windows 10 version 1803

KB4467702

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
  • F12 would not open the Developer Tools in Microsoft Edge.
  • Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Graphics, Windows Media, Windows Wireless Networking, Windows Kernel, and Windows Server .

KB4465663

  • Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.

Windows 10 version 1709

KB4467686

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
  • Security updates to Windows Scripting, Internet Explorer, Microsoft Edge, Windows Media, Windows Graphics, Windows App Platform and Frameworks, Windows Server, Windows Kernel, and Windows Virtualization and Kernel .

KB4465661

  • Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.

Windows 10 version 1703

KB4467696

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
  • Security updates to Windows Scripting, Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Graphics, Windows Kernel, and Windows Server.

KB4465660

  • Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.

Windows 10 version 1607

KB4467691

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
  • Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Wireless Networking, Windows Kernel, and Windows Server .

KB4465659

  • Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.

KB4465660

  • Another Servicing Stack Update for Windows 10 version 1703

Windows 8.1

KB4467697 -- Monthly Rollup

  • Fixed high CPU usage and performance degradation with some AMD processors.
  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Internet Explorer, Windows Wireless Networking, Windows Kernel, and Windows Server.

KB4467703 -- Security only

  • Same as Monthly Rollup

Windows 7

KB4467107 -- Monthly Rollup

  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Wireless Networking, Windows Kernel, and Windows Server .

KB4467106 -- Security only

  • Same as Monthly Rollup but no listed issues.

Other Security Updates

KB4466536 -- Cumulative security update for Internet Explorer 11.

KB4458008 -- Fixes remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4462935 -- Fixes elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4462987 -- Fixes remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4463103 -- Elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4463361 -- Information disclosure vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4463545 -- Elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4463573 -- Remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009

KB4466388 -- Security Update for WES09 and POSReady 2009

KB4467689 -- Security Update for WES09 and POSReady 2009

KB4467694 -- Adobe Flash Player update

KB4467700 -- Security Only Quality Update for Windows Server 2008

KB4467706 -- Security Monthly Quality Rollup for Windows Server 2008

KB4467701 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4470118 -- Security Update for WES09 and POSReady 2009

KB4470198 -- Security Update for WES09 and POSReady 2009

KB4467680 -- Dynamic Cumulative Update for Windows 10 Version 1507

Notes

Known Issues

Windows 10 version 1809

  • Some Win32 programs cannot be set as the default file openers under Open With or Settings > Apps > Default Apps.

Windows 10 version 1803

  • Some Win32 programs cannot be set as the default file openers under Open With or Settings > Apps > Default Apps.
  • Instantiation of SqlConnection can throw exceptions.

Windows 10 version 1709

  • Instantiation of SqlConnection can throw exceptions.

Windows 10 version 1703

  • Instantiation of SqlConnection can throw exceptions.

Windows 10 version 1607 and Windows Server 2016

  • Installation and client activation of Windows Server 2019 and 1809 LTSC Key Management Service (KMS) (CSVLK) host keys do not work as expected.
  • Error "The replication operation encountered a database error" after installation of the update.
  • Instantiation of SqlConnection can throw exceptions.

Windows 7

Network Interface Controller may stop working. Microsoft's solution is to update drivers.

Security advisories and updates

ADV180025 | November 2018 Adobe Flash Security Update

ADV180028 | Guidance for configuring BitLocker to enforce software encryption

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4464455 -- Windows 10 version 1809

  • Fixed an Internet Explorer performance issue  with roaming profiles or not using the Microsoft Compatibility List.
  • Fixed time zone information issues.
  • Fixed a black screen issue on "some servers" when turning on the display.
  • Fixed an issue that delayed photo snapshots under certain light conditions when using the Camera app.
  • Addressed a performance issue with vSwitch on network interface cards.
  • Fixed an IPv4 connectivity issue when IPv6 is unbound.
  • Fixed a connectivity issue with guest VMS.
  • Fixed a reporting issue that implied that user policies had not been applied.

KB890830 -- Windows Malicious Software Removal Tool - November 2018

KB4467240 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4467241 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4467242 -- Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4467243 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

Microsoft Office Updates

Microsoft released non-security updates for Microsoft Office 2010, 2013 and 2016 last week. The following items are security updates that Microsoft released on the November 2018 Patch Day.

Office 2016

KB4461503 -- Addresses a remote code execution vulnerability in Microsoft Excel 2016. Also includes non-security fixes and improvements

  • Fixed a crash after right-clicking on the Excel icon and selecting close all windows.
  • Fixed another crash when saving a workbook with external references to cells with metadata from another workbook.
  • Fixed yet another crash caused by the Worksheet.Copy method.
  • Adds translation to German version for the Ctrl shortcut key in the Record Macro Dialog.
  • Fixes a freeze in Excel 2016 after hiding, filter, or outlining rows in a workbook with merged cells.

KB4022232 -- Fixes a remote code execution vulnerability in Office 2016.

KB4461506 -- Fixes a remote code execution vulnerability in Outlook 2016. Includes a large number of non-security fixes and improvements.

KB4461478 -- Fixes a remote code execution vulnerability in Project 2016 and includes a number of non-security improvements.

KB4461473 -- Security update for Skype for Business 2016. Includes the following improvements:

  • Fixes an issue with Skype calls failing after holding a PSTN call many times.
  • Splitter bar is hidden when the tabbed conversation window is resized to the minimum.

KB4461504 -- Security update for Word 2016 that includes a number of non-security fixes as well.

Office 2013

KB4461488 -- Security update for Excel 2013.

KB4022237 -- Security update for Office 2013.

KB4461486 -- Security update for Outlook 2013.

KB4461489 -- Security update for Project 2013.

KB4461487 -- Security update for Skype for Business 2013.

KB4461485 -- Security update for Word 2013.

Office 2010

KB4461530 -- Security update for Excel 2010.

KB3114565 -- Security update for Office 2010.

KB4032218 -- Security update for Office 2010.

KB4461524 -- Security update for Office 2010.

KB4461529 -- Security update for Outlook 2010.

KB4022147 -- Security update for Project 2010.

KB4461526 -- Security update for Word 2010.

Plus security updates for other Office products such as SharePoint Server 2019 and 2016.

How to download and install the November  2018 security updates

windows security updates november 2018

All updates are available via Windows Update and as direct downloads. Organizations may use other forms of distribution such as WSUS.

Windows admins may run update checks to retrieve updates as soon as they are released through Windows Updates:

  1. Open the Start Menu.
  2. Type Windows Updates and select the result.
  3. Select "check for updates" on the page that opens to run the check.

Direct update downloads

All cumulative updates for supported versions of Windows are also provided as direct downloads from Microsoft's Download Center site.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4467107 -- 2018-11 Security Monthly Quality Rollup for Windows 7
  • KB4467106 — 2018-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  •  KB4467697— 2018-11 Security Monthly Quality Rollup for Windows 8.1
  •  KB4467703 — 2018-11 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  •  KB4467691 — 2018-11 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  •  KB4467696 — 2018-11 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  •  KB4467686 — 2018-11 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4467702  — 2018-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  •  KB4467708 — 2018-11 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Article Name
Microsoft Windows Security Updates November 2018 release overview
Description
Microsoft released security updates for all supported versions of Windows and other company products on the November 2018 Patch Tuesday.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Gary said on November 22, 2018 at 2:51 pm
    Reply

    UPDATE on outlook 2010 issue

    MS claim this patch below (KB4461585) deals with outlook crashing after application of KB4461529

    https://support.microsoft.com/en-gb/help/4461585/november-21-2018-update-for-outlook-2010-kb4461585

    Will test and report back

    1. Gary said on November 22, 2018 at 6:58 pm
      Reply

      KB4461585 patch fixes outlook crashing from KB4461529. Yay.

  2. Francis said on November 21, 2018 at 9:14 pm
    Reply

    KB4461487 for Skype Enterprise 2015 (Lync 2013) is also having the problem of Smileys showing in Cleartext.

  3. Charlie said on November 20, 2018 at 10:25 pm
    Reply

    This installed a microsoft processor driver update on my computer which I suspect is the cause of my games crashing recently … still have to figure how to resolve this as it part of the pace and there is no roll-back on the driver … it went from microsoft processor driver 6.1.7601.24231 to microsoft processor driver 6.1.7601.24291 on the 15th

    1. Gary said on November 21, 2018 at 4:18 pm
      Reply

      Which patch do you believe applied the microcode update?

      Which OS are you running?

      Have you a new processor or perhaps an old one?

      My first thought was whether this was the meltdown patch. At one point, said patch was blocked unless you had a certified antivirus app (there’d been issues with some A/Vs causing BSODs due to kernel calls circumventing the meltdown patch restrictions). MS required a certain registry key to be generated. You could also hack your registry directly to apply it.

      Perhaps the microcode patch occurred because you’ve just installed A/V or perhaps had an engine update?

  4. Anonymous said on November 20, 2018 at 3:23 pm
    Reply

    KB4461473 broke Skype 2016. Problems with Smileys, some text not showing, messages not sending. I’m on Windows 10 1803.

  5. Anonymous said on November 19, 2018 at 1:01 pm
    Reply

    This update KB4461473 under Windows 7 broke our Skype, Smileys would show in Cleartext. After uninstalling KB4461473 it was fine again.

  6. Anonymous said on November 15, 2018 at 3:59 pm
    Reply

    Same problem here.
    KB4461529 update is crashing my Outlook 2010 64-bit.
    So far I was able to uninstall it, and it fixes the problem, but Windows Update put it back again.

  7. [email protected] said on November 15, 2018 at 6:50 am
    Reply

    Microsoft Outlook 2010 update (KB4461529) causes outlook to crash on start-up.
    Confirmed on 1 W7 Office Professional 64bit machine.
    Only Removal of the Update fixes the Problem

    Have tried Repair/SafeMode/NewProfile/Support and Recovery Assistant/undoing Cached Exchange mode/Disabling add ons/

    1. Gary said on November 15, 2018 at 9:32 am
      Reply

      Thanks Peter.

      I’ve noticed that Outlook is running VERY slowly too. For example, the addition of a new outlook email routing rule. At least for me, i use sender addresses to direct to subfolders and when you create a rule it applies on the root inbox. It takes a little time to run there (maybe 5 secs) but since the new patches, it’s horribly slow.

      I’m seriously considering removing the other 2 patches i received for it, just to test. If things speed up, I’ll probably roll back on a restore point.

      It’s the first time I’ve had significant performance degradation with an patch (aside from spectre and meltdown).

  8. Anonymous said on November 15, 2018 at 12:47 am
    Reply

    I ran Widows Update on a Windows 7 x64 machine, and installed the updates with no problem.

    I then ran Belarc Advisor, and it noted the following was missing:
    kb3177467 Servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1: October 9, 2018

    So Windows Update missed this update in October, and today.
    I rebooted and reran Windows Update, and it found and installed kb3177467

  9. Anonymous said on November 15, 2018 at 12:15 am
    Reply

    KB4467702 is not enabled by default. What are the steps to enable?

  10. Gary said on November 14, 2018 at 6:56 pm
    Reply

    Addition of KB4461529 (outlook 2010 security patch) leads to consistent crash on startup.

    Removal of patch restores stability. Patch it replaces (KB4227170) was fine. Outlook 2010 64bit on win 7 64bit home premium.

    I removed all outlook patches applied today (14 Nov 2018) and KB4461529 seems to be the culprit

      1. Gary said on November 17, 2018 at 11:33 pm
        Reply

        thanks very much for the link +1

  11. Mark Hazard said on November 14, 2018 at 6:22 pm
    Reply

    Thanks for your MS updates from me also, Martin.

  12. Emil said on November 14, 2018 at 4:30 pm
    Reply

    Hm great, KB4467702 repeatedly fails to install with Error code: (0x80073712).

    Anyone else?

    1. Anonymous said on November 19, 2018 at 3:14 am
      Reply

      Had the same issues. Clean boot does not work, manual installs do not work, troubleshooting does not work.

  13. Jim said on November 14, 2018 at 2:39 pm
    Reply

    Thank you for these monthly MS update articles Martin

  14. TelV said on November 14, 2018 at 2:12 pm
    Reply

    No .NET Framework security issues in this month’s release: https://blogs.msdn.microsoft.com/dotnet/2018/11/13/net-framework-november-2018-security-and-quality-rollup/

    If you’re not experiencing any of the issues mentioned in the article, you can skip the installation (or at least I will).

  15. TelV said on November 14, 2018 at 1:41 pm
    Reply

    @Martin,

    The Servicing Stack update 3173424 loads an article dating from July 2016. I checked the portal already and it links to the same article, but it seems a bit odd to me that none of the files are dated 2018. Also, at the very foot of the article it states: “Last Updated: Feb 4, 2017”.

    In addition, there’s no mention at all of a Security Stack update for Windows 8.1 in the November deployment article: https://support.microsoft.com/en-in/help/20181113/security-update-deployment-information-november-13-2018

    Any thoughts on that?

    1. Martin Brinkmann said on November 14, 2018 at 1:46 pm
      Reply

      Strange, I removed it from the list of updates.

  16. Belga said on November 14, 2018 at 11:31 am
    Reply

    No problem to install the Security only updates in Win 7 and 8.1. Thank you.

  17. chesscanoe said on November 13, 2018 at 11:58 pm
    Reply

    Thanks for your helpful spreadsheet. I used LibreOffice to convert to an odf and clicked the option to view in Chrome – very easy to read for my old eyes that way.
    After installing Flash KB4467694 over win 10 x64 1809, view history truncated all after “KB”. I can live with that. :-) Cmd now shows 1809 now up to Microsoft Windows [Version 10.0.17763.134]. It was 10.0.17763.55 before I upgraded today.

  18. Anonymous said on November 13, 2018 at 10:38 pm
    Reply

    because they are microsh-t and do not care if the fixes break over things

  19. Anonymous said on November 13, 2018 at 8:24 pm
    Reply

    DJI - Website Feedback

  20. Yuliya said on November 13, 2018 at 8:17 pm
    Reply

    November 13, 2018 — KB4467107 (Monthly Rollup)
    Applies to: Windows 7 Service Pack 1 Windows Server 2008 R2 Service Pack 1
    Known issues in this update
    After you apply this update, the network interface controller may stop working on some client software configurations.

    Apparently the solution to this would be to reinstall the network card driver. I guess even the same driver version should do the job. How do you, as a software company, release something like this without being embarrassed of yourself?

    1. Account unknown said on November 14, 2018 at 10:07 am
      Reply

      This is a small deal for M$ since they ruined thousands of systems with their fail 1809 release.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.