- November 2018 Security Updates release notes
- List of software updates for Microsoft products
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History
Microsoft Windows Security Updates November 2018 release overview
Microsoft released security updates for all supported operating systems -- client and server -- and other company products on the November 2018 Patch Tuesday.
Microsoft pulled the October 2018 Update for Windows 10 days after its release because of a data loss bug that affected some systems. Microsoft re-released the update that brings Windows 10 to version 1809 today. Microsoft asks customers to wait until the update is offered to their device.
Read our guide on delaying Windows 10 feature updates if you want to wait with the installation of the update.
You can read about last month's security updates here.
Note: It is highly recommended that you create backups of the system before you install updates.
Microsoft Windows Security Updates November 2018
You may download an Excel spreadsheet that lists all security updates that Microsoft released for supported versions of Windows and other company products in November 2018. Just click on the following link to do so: (Download Removed)
Executive Summary
- Microsoft released security updates for all supported versions of Windows.
- Security updates are also available for Internet Explorer, Microsoft Edge, and other company products
- Microsoft released Windows Server 2019 today.
- The Windows 10 October 2018 Update is available again.
- Microsoft promises to do better patch-wise.
Operating System Distribution
- Windows 7: 13 vulnerabilities of which 2 are critical and 11 are important.
- Windows 8.1: 16 vulnerabilities of which 2 are critical and 14 are important.
- Windows 10 version 1607:Â 18 vulnerabilities of which 2 are critical and 16 are important
- Windows 10 version 1703:Â 16 vulnerabilities of which 1 is critical and 15 are important
- Windows 10 version 1709: 18 vulnerabilities of which 1 is critical and 17 are important
- Windows 10 version 1803: 17 vulnerabilities of which 1 is critical and 16 are important
- Windows 10 version 1809: 17 vulnerabilities of which 1 is critical and 16 are important
Windows Server products
- Windows Server 2008 R2: 13 vulnerabilities of which 3 are critical and 10 are important.
- Windows Server 2012 R2: 16 vulnerabilities of which 3 are critical and 13 are important.
- Windows Server 2016: 19 vulnerabilities of which 3 are critical and 16 are important.
- Windows Server 2019: 18 vulnerabilities of which 2 are critical and 16 are important.
Other Microsoft Products
- Internet Explorer 11: 1 vulnerability, important
- Microsoft Edge: 2 vulnerabilities, 2 critical
Windows Security Updates
Windows 10 version 1809
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
- Addresses an issue that prevents users from signing in to a Microsoft account (MSA) as a different user if signing in a second time.
- Fixed an issue that prevented file system access to IoT UWP apps that require it.
- Fixed an issue with the onscreen keyboard appearing during automated tests or installation of a physical keyboard.
- Security updates to Microsoft Edge, Windows Scripting, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Kernel, Windows Server, and Windows Wireless Networking.
- Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.
- Security update that fixes an elevation of privilege vulnerability.
Windows 10 version 1803
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
- F12 would not open the Developer Tools in Microsoft Edge.
- Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Graphics, Windows Media, Windows Wireless Networking, Windows Kernel, and Windows Server .
- Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.
Windows 10 version 1709
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
- Security updates to Windows Scripting, Internet Explorer, Microsoft Edge, Windows Media, Windows Graphics, Windows App Platform and Frameworks, Windows Server, Windows Kernel, and Windows Virtualization and Kernel .
- Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.
Windows 10 version 1703
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
- Security updates to Windows Scripting, Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Graphics, Windows Kernel, and Windows Server.
- Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.
Windows 10 version 1607
- Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers.
- Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Wireless Networking, Windows Kernel, and Windows Server .
- Servicing Stack update that fixes a BitLocker Device Encryption vulnerability.
- Another Servicing Stack Update for Windows 10 version 1703
Windows 8.1
KB4467697 -- Monthly Rollup
- Fixed high CPU usage and performance degradation with some AMD processors.
- Security updates to Windows App Platform and Frameworks, Windows Graphics, Internet Explorer, Windows Wireless Networking, Windows Kernel, and Windows Server.
KB4467703 -- Security only
- Same as Monthly Rollup
Windows 7
KB4467107 -- Monthly Rollup
- Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Wireless Networking, Windows Kernel, and Windows Server .
KB4467106 -- Security only
- Same as Monthly Rollup but no listed issues.
Other Security Updates
KB4466536 -- Cumulative security update for Internet Explorer 11.
KB4458008 -- Fixes remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4462935 -- Fixes elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4462987 -- Fixes remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4463103 -- Elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4463361 -- Information disclosure vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4463545 -- Elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4463573 -- Remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009
KB4466388 -- Security Update for WES09 and POSReady 2009
KB4467689 -- Security Update for WES09 and POSReady 2009
KB4467694 -- Adobe Flash Player update
KB4467700 -- Security Only Quality Update for Windows Server 2008
KB4467706 -- Security Monthly Quality Rollup for Windows Server 2008
KB4467701 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4470118 -- Security Update for WES09 and POSReady 2009
KB4470198 -- Security Update for WES09 and POSReady 2009
KB4467680 -- Dynamic Cumulative Update for Windows 10 Version 1507
Notes
- CVE-2018-8407
- CVE-2018-8408
- CVE-2018-8454
- CVE-2018-8545
- CVE-2018-8558
- CVE-2018-8563
- CVE-2018-8565
- CVE-2018-8573
- CVE-2018-8578
- CVE-2018-8579
- CVE-2018-8581
- CVE-2018-8592
Known Issues
Windows 10 version 1809
- Some Win32 programs cannot be set as the default file openers under Open With or Settings > Apps > Default Apps.
Windows 10 version 1803
- Some Win32 programs cannot be set as the default file openers under Open With or Settings > Apps > Default Apps.
- Instantiation of SqlConnection can throw exceptions.
Windows 10 version 1709
- Instantiation of SqlConnection can throw exceptions.
Windows 10 version 1703
- Instantiation of SqlConnection can throw exceptions.
Windows 10 version 1607 and Windows Server 2016
- Installation and client activation of Windows Server 2019 and 1809 LTSC Key Management Service (KMS) (CSVLK) host keys do not work as expected.
- Error "The replication operation encountered a database error" after installation of the update.
- Instantiation of SqlConnection can throw exceptions.
Windows 7
Network Interface Controller may stop working. Microsoft's solution is to update drivers.
Security advisories and updates
ADV180025 | November 2018 Adobe Flash Security Update
ADV180028 | Guidance for configuring BitLocker to enforce software encryption
ADV990001 | Latest Servicing Stack Updates
Non-security related updates
KB4464455 -- Windows 10 version 1809
- Fixed an Internet Explorer performance issue with roaming profiles or not using the Microsoft Compatibility List.
- Fixed time zone information issues.
- Fixed a black screen issue on "some servers" when turning on the display.
- Fixed an issue that delayed photo snapshots under certain light conditions when using the Camera app.
- Addressed a performance issue with vSwitch on network interface cards.
- Fixed an IPv4 connectivity issue when IPv6 is unbound.
- Fixed a connectivity issue with guest VMS.
- Fixed a reporting issue that implied that user policies had not been applied.
KB890830 -- Windows Malicious Software Removal Tool - November 2018
KB4467240 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4467241 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4467242 -- Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4467243 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008
Microsoft Office Updates
Microsoft released non-security updates for Microsoft Office 2010, 2013 and 2016 last week. The following items are security updates that Microsoft released on the November 2018 Patch Day.
Office 2016
KB4461503 -- Addresses a remote code execution vulnerability in Microsoft Excel 2016. Also includes non-security fixes and improvements
- Fixed a crash after right-clicking on the Excel icon and selecting close all windows.
- Fixed another crash when saving a workbook with external references to cells with metadata from another workbook.
- Fixed yet another crash caused by the Worksheet.Copy method.
- Adds translation to German version for the Ctrl shortcut key in the Record Macro Dialog.
- Fixes a freeze in Excel 2016 after hiding, filter, or outlining rows in a workbook with merged cells.
KB4022232 -- Fixes a remote code execution vulnerability in Office 2016.
KB4461506 -- Fixes a remote code execution vulnerability in Outlook 2016. Includes a large number of non-security fixes and improvements.
KB4461478 -- Fixes a remote code execution vulnerability in Project 2016 and includes a number of non-security improvements.
KB4461473 -- Security update for Skype for Business 2016. Includes the following improvements:
- Fixes an issue with Skype calls failing after holding a PSTN call many times.
- Splitter bar is hidden when the tabbed conversation window is resized to the minimum.
KB4461504 -- Security update for Word 2016 that includes a number of non-security fixes as well.
Office 2013
KB4461488 -- Security update for Excel 2013.
KB4022237 -- Security update for Office 2013.
KB4461486 -- Security update for Outlook 2013.
KB4461489 -- Security update for Project 2013.
KB4461487 -- Security update for Skype for Business 2013.
KB4461485 -- Security update for Word 2013.
Office 2010
KB4461530 -- Security update for Excel 2010.
KB3114565 -- Security update for Office 2010.
KB4032218 -- Security update for Office 2010.
KB4461524 -- Security update for Office 2010.
KB4461529 -- Security update for Outlook 2010.
KB4022147 -- Security update for Project 2010.
KB4461526 -- Security update for Word 2010.
Plus security updates for other Office products such as SharePoint Server 2019 and 2016.
How to download and install the November 2018 security updates
All updates are available via Windows Update and as direct downloads. Organizations may use other forms of distribution such as WSUS.
Windows admins may run update checks to retrieve updates as soon as they are released through Windows Updates:
- Open the Start Menu.
- Type Windows Updates and select the result.
- Select "check for updates" on the page that opens to run the check.
Direct update downloads
All cumulative updates for supported versions of Windows are also provided as direct downloads from Microsoft's Download Center site.
Windows 7 SP1 and Windows Server 2008 R2 SP
- KB4467107 -- 2018-11 Security Monthly Quality Rollup for Windows 7
- KB4467106 — 2018-11 Security Only Quality Update for Windows 7
Windows 8.1 and Windows Server 2012 R2
-  KB4467697— 2018-11 Security Monthly Quality Rollup for Windows 8.1
-  KB4467703 — 2018-11 Security Only Quality Update for Windows 8.1
Windows 10 and Windows Server 2016 (version 1607)
-  KB4467691 — 2018-11 Cumulative Update for Windows 10 Version 1607
Windows 10 (version 1703)
-  KB4467696 — 2018-11 Cumulative Update for Windows 10 Version 1703
Windows 10 (version 1709)
-  KB4467686 — 2018-11 Cumulative Update for Windows 10 Version 1709
Windows 10 (version 1803)
- KB4467702 — 2018-11 Cumulative Update for Windows 10 Version 1803
Windows 10 (version 1809)
-  KB4467708 — 2018-11 Cumulative Update for Windows 10 Version 1809
Additional resources
Summary
Article Name
Microsoft Windows Security Updates November 2018 release overview
Description
Microsoft released security updates for all supported versions of Windows and other company products on the November 2018 Patch Tuesday.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
UPDATE on outlook 2010 issue
MS claim this patch below (KB4461585) deals with outlook crashing after application of KB4461529
https://support.microsoft.com/en-gb/help/4461585/november-21-2018-update-for-outlook-2010-kb4461585
Will test and report back
KB4461585 patch fixes outlook crashing from KB4461529. Yay.
KB4461487 for Skype Enterprise 2015 (Lync 2013) is also having the problem of Smileys showing in Cleartext.
This installed a microsoft processor driver update on my computer which I suspect is the cause of my games crashing recently … still have to figure how to resolve this as it part of the pace and there is no roll-back on the driver … it went from microsoft processor driver 6.1.7601.24231 to microsoft processor driver 6.1.7601.24291 on the 15th
Which patch do you believe applied the microcode update?
Which OS are you running?
Have you a new processor or perhaps an old one?
My first thought was whether this was the meltdown patch. At one point, said patch was blocked unless you had a certified antivirus app (there’d been issues with some A/Vs causing BSODs due to kernel calls circumventing the meltdown patch restrictions). MS required a certain registry key to be generated. You could also hack your registry directly to apply it.
Perhaps the microcode patch occurred because you’ve just installed A/V or perhaps had an engine update?
KB4461473 broke Skype 2016. Problems with Smileys, some text not showing, messages not sending. I’m on Windows 10 1803.
This update KB4461473 under Windows 7 broke our Skype, Smileys would show in Cleartext. After uninstalling KB4461473 it was fine again.
Same problem here.
KB4461529 update is crashing my Outlook 2010 64-bit.
So far I was able to uninstall it, and it fixes the problem, but Windows Update put it back again.
Microsoft Outlook 2010 update (KB4461529) causes outlook to crash on start-up.
Confirmed on 1 W7 Office Professional 64bit machine.
Only Removal of the Update fixes the Problem
Have tried Repair/SafeMode/NewProfile/Support and Recovery Assistant/undoing Cached Exchange mode/Disabling add ons/
Thanks Peter.
I’ve noticed that Outlook is running VERY slowly too. For example, the addition of a new outlook email routing rule. At least for me, i use sender addresses to direct to subfolders and when you create a rule it applies on the root inbox. It takes a little time to run there (maybe 5 secs) but since the new patches, it’s horribly slow.
I’m seriously considering removing the other 2 patches i received for it, just to test. If things speed up, I’ll probably roll back on a restore point.
It’s the first time I’ve had significant performance degradation with an patch (aside from spectre and meltdown).
I ran Widows Update on a Windows 7 x64 machine, and installed the updates with no problem.
I then ran Belarc Advisor, and it noted the following was missing:
kb3177467 Servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1: October 9, 2018
So Windows Update missed this update in October, and today.
I rebooted and reran Windows Update, and it found and installed kb3177467
KB4467702 is not enabled by default. What are the steps to enable?
Addition of KB4461529 (outlook 2010 security patch) leads to consistent crash on startup.
Removal of patch restores stability. Patch it replaces (KB4227170) was fine. Outlook 2010 64bit on win 7 64bit home premium.
I removed all outlook patches applied today (14 Nov 2018) and KB4461529 seems to be the culprit
Hot off the press – https://support.office.com/en-us/article/outlook-2010-crashes-on-startup-after-installing-november-public-update-kb-4461529-8236c141-450d-45bf-861b-07dec3f4dcb9?ui=en-US&rs=en-US&ad=US
thanks very much for the link +1
Thanks for your MS updates from me also, Martin.
Hm great, KB4467702 repeatedly fails to install with Error code: (0x80073712).
Anyone else?
Had the same issues. Clean boot does not work, manual installs do not work, troubleshooting does not work.
Thank you for these monthly MS update articles Martin
No .NET Framework security issues in this month’s release: https://blogs.msdn.microsoft.com/dotnet/2018/11/13/net-framework-november-2018-security-and-quality-rollup/
If you’re not experiencing any of the issues mentioned in the article, you can skip the installation (or at least I will).
@Martin,
The Servicing Stack update 3173424 loads an article dating from July 2016. I checked the portal already and it links to the same article, but it seems a bit odd to me that none of the files are dated 2018. Also, at the very foot of the article it states: “Last Updated: Feb 4, 2017”.
In addition, there’s no mention at all of a Security Stack update for Windows 8.1 in the November deployment article: https://support.microsoft.com/en-in/help/20181113/security-update-deployment-information-november-13-2018
Any thoughts on that?
Strange, I removed it from the list of updates.
No problem to install the Security only updates in Win 7 and 8.1. Thank you.
Thanks for your helpful spreadsheet. I used LibreOffice to convert to an odf and clicked the option to view in Chrome – very easy to read for my old eyes that way.
After installing Flash KB4467694 over win 10 x64 1809, view history truncated all after “KB”. I can live with that. :-) Cmd now shows 1809 now up to Microsoft Windows [Version 10.0.17763.134]. It was 10.0.17763.55 before I upgraded today.
because they are microsh-t and do not care if the fixes break over things
DJI -Â Website Feedback
November 13, 2018 — KB4467107 (Monthly Rollup)
Applies to: Windows 7 Service Pack 1 Windows Server 2008 R2 Service Pack 1
Known issues in this update
After you apply this update, the network interface controller may stop working on some client software configurations.
Apparently the solution to this would be to reinstall the network card driver. I guess even the same driver version should do the job. How do you, as a software company, release something like this without being embarrassed of yourself?
This is a small deal for M$ since they ruined thousands of systems with their fail 1809 release.