Microsoft Windows Patchday Mai 2018

Es ist wieder soweit, Microsoft patcht seine Betriebssysteme. Nachfolgend ein paar Infos zum Patchay im Mai 2018 dazu.

Die neue Version Creators Update (1803) ist erst wenige Tage im Umlauf und wird ebenso bei diesem Patchday bedacht. Das KB4103721 erhöt die Versionsnummer auf 17134.48. Es behebt Probleme:

• mit App-V Scripten,
• behebt das festfrieren des Systems bei Nutzung von verschiedener Software wie Chrome und Cortana,
• behebt ein Probleme mit VPN-Tools die mit einer älteren SDK Version entwickelt wurden,
• behebt Zeitzonen Probleme, führt Sicherheitskorrekturen für das Remote Desktop Problem CredSSP, dem Edge, Hyper-V und weiteren Kompoenten durch.

Das Update KB4103731 hebt das Creators Update 1703 auf die Version 15063.1088. Das Update KB4103727 erhöht die Version des Fall Creators Update 1709 auf 16299.431. Außerdem wird das Tool zum entfernen bösartiger Software auf Version 5.60 aktualisiert und erkennt einige Cryptominer.

Patchday Mai 2018 – Übersicht

• Windows 7: 11 vulnerabilities of which 2 are rated critical, 7 important, and 1 low.
• Windows 8.1: 11 vulnerabilities of which 2 are rated critical, 7 important, and 1 low
• Windows 10 version 1607: 18 vulnerabilities of which 3 are rated critical, 14 important and 1 low.
• Windows 10 version 1703: 19 vulnerabilities of which 3 are rated critical, 15 important and 1 low.
• Windows 10 version 1709: 20 vulnerabilities of which 3 are rated critical, 16 important and 1 low.
• Windows 10 version 1803: 16 vulnerabilities of which 3 are rated critical, 12 important and 1 low.

Windows Server products

• Windows Server 2008 R2: 11 vulnerabilities which 2 are rated critical, 8 important, and 1 low.
• Windows Server 2012 and 2012 R2: 11 vulnerabilities which 2 are rated critical, 8 important, and 1 low.
• Windows Server 2016: 18 vulnerabilities of which 3 are rated critical, 14 important, and 1 low.

Other Microsoft Products

• Internet Explorer 11: 9 vulnerabilities, 6 critical, 3 important
• Microsoft Edge: 18 vulnerabilities, 13 critical, 5 important

Windows Security Updates

KB4103712 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2.

• Fixed memory leak issue on SMB servers after installing KB4056897 or other recent updates.
• Fixed Remote Desktop Server connection issue.
• Security updates to Internet Explorer, Windows apps, Windows kernel, Microsoft Graphics Component, Windows storage and filesystems, HTML help, and Windows Hyper-V

KB4103715 — Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2

• same security updates as KB4103712 except SMB server fix.

KB4103718 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

• same as KB4103712

KB4103725 — Security Monthly Quality Rollup for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

• same as KB4103715
• Addressed Hangul typing issue with Microsoft’s Korean IME in Word Online.

KB4103716 — Cumulative Update for Windows 10 Version 1507

KB4103723 — Windows 10 version 1607 and Windows Server 2016 cumulative update

• Support to control Spectre Variant 2 within some AMD processors.
• Fixed web workers communication issue in Internet Explorer.
• Internet Explorer and Microsoft Edge update to respect video preload flag.
• Addressed an issue caused by rate using job objects that could cause CPU spikes, high CPU usage, and more.
• Fixed Drain Manager Cluster service stuck in the draining state sometimes.
• Fixed App-V Scripts stopping to work issue after the April 2018 Windows Servicing update.
• Addresses a transient error that may cause a disk to go to the NoRedundancy state in a Storage Spaces Direct configuration.
• Addressed issue that may cause Remote Desktop server connections to fail.
• Improves resiliency in handling network issues that may cause highly available VMs to be turned off because of I/O timeouts or Cluster Shared Volumes dismounted messages.
  Addresses an issue that prevents customers from typing Hangul correctly with Microsoft’s Korean IME in Microsoft Word Online.
  Addresses an issue that prevents customers from selecting a Microsoft add-in on a second monitor.
• Security updates to Microsoft Edge, Internet Explorer, Microsoft scripting engine, Windows app platform and frameworks, Device Guard, Windows kernel, Microsoft Graphics Component, Windows Hyper-V, HTML help, and Windows Server.

KB4103731 — Windows 10 version 1703 cumulative update

KB4103727 — Windows 10 version 1709 cumulative update

• Fixed Web Workers issue.
• Updated video preload flag handling.
• Fixed USB port functionality loss after resuming from Hibernate on AMD systems.
• Minimum password length in Group Policy set to 20 characters.
• Addressed App-V Scripts issue.
• Addressed Microsoft Word Online issue.
• Addressed second monitor Microsoft add-in selection issue.
• Addressed issue in KB4093105 that caused Mixed Reality software downloads to fail.
• Same security updates as KB4103723 plus Windows storage and filesystems, Windows virtualization and kernel security updates.

KB4103721 — Cumulative Update for Windows 10 Version 1803

• Fixed issue that caused the device to stop responding or working when using certain applications such as Chrome or Cortana.
• Fixes App-V Scripts issue.
• Fixes VPN applications not working correctly issue.
• Fixed updated time zone information issue.
• Fixed Remote Desktop Server connection issue.
• Same security updates as KB4103727

KB4056564 –Fixes CredSSP remote code execution vulnerability in Windows Server 2008, WES09, and POSReady 2009.

KB4089453 — Fixes remote assistance information disclosure vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.

KB4094079 — Fixes Hyper-V remote code execution vulnerability in Windows Server 2008.

KB4095516 — Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009.

KB4095528 — Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4099633 — Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4099634 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4099635 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2.

KB4099636 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4099637 — Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4099638 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4099639 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Windows Server 2012 R2

KB4099640 — Security Only Update for .NET Framework 2.0 on Windows Server 2008

KB4101477 — Fixes the Microsoft COM for Windows remote code execution vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.

KB4103726 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4103729 — Adobe Flash Player update.

KB4103730 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4103768 — Cumulative update for Internet Explorer.

KB4130944 — Fixes Windows common log file system driver elevation of privilege vulnerability in Windows Server 2008

KB4130957 — Patches the Windows information disclosure vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.

KB4131188 — Addresses elevation of privilege vulnerability and an information disclosure vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.

KB4134651 — Patches an elevation of privilege vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009.

Known Issues

Windows 7, and Windows Server 2008 R2

Stop error on systems that don’t support SIMD or SSE2.

Windows 10 version 1607 and Server 2016

Only the most recent Windows 10 feature update is returned after installing the March 13, 2018 or newer cumulative update.

Workaround: Decline all feature updates on the WSUS server(s) except for the one that you want to deploy using ConfigMgr. Run another software-update scan cycle from the ConfigMgr control panel or wait until the client devices perform their next scan.

Windows 10 version 1709

The English string „Reading scheduled jobs from file is not supported in this language mode“ may be displayed on some non-English Windows systems.

Security advisories and updates

ADV180008 — May 2018 Adobe Flash Security Update

Non-security related updates

• KB4131372 — Servicing stack update for Windows 10 Version 1709
• KB4135059 — Compatibility update for upgrading to Windows 10 version 1803
• KB890830 — Windows Malicious Software Removal Tool – May 2018

Microsoft Office Updates

Check out the May 2018 non-security updates overview for Office here.

Office 2016

• KB4018382 for Excel 2016
• KB4011237 for Office 2016
• KB4011239 for Office 2016
• KB4018327 for Office 2016
• KB4018383 for Word 2016

Office 2013

• KB4018399 for Excel 2013
• KB3162075 for InfoPath 2013
• KB4011253 for Office 2013
• KB4011254 for Office 2013
• KB3172436 for Office 2013
• KB4018396 for Word 2013

Office 2010

• KB4022146 for Excel 2010
• KB4011274 for Office 2010
• KB4011275 for Office 2010
• KB4022139 for Office 2010
• KB4022137 for Office 2010
• KB2899590 for Office 2010
• KB4022141 for Word 2010.