Virtual Administrator’s February 2018 Patch Recommendations

This month Microsoft released patches for 50 vulnerabilities with 14 of them rated “Critical”, 34 rated “Important” and 2 rated “Moderate”.

All February patches have been approved in our patch policy.

This month is much less dramatic than last month. Security Update for Adobe Flash Player (KB4074595) was released OOB on February 6th and was approved in our patch policy on the 7th. There are reports of this being actively exploited. A vulnerability in Edge (CVE-2018-0771) is publicly disclosed but without any reports of exploitation. That patch is included in the monthly cumulative update package.

Out-of-band security updates on 02/06/2018

018-02 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x64-based Systems (KB4074595) – see “Notable CVEs”

WARNING: The Spectre/Meltdown registry key check is still enforced. Machines will not install any cumulative updates until the key is present.
Windows security updates released January 3, 2018, and antivirus software

Important For Kaseya
IMPORTANT: Kaseya patch management is not detecting the cumulative monthly updates on the latest Windows 10 Version 1709 “Fall Creators Update” (OS Build 16299) Kaseya uses the Windows Updates API to determine which patches are needed. For some reason this is not accurately detecting the monthly cumulative update for version 1709. Other patches are detected normally. Your Kaseya patch scans will not show the cumulative patch as missing or installed. As such the agent may show fully patched when it is not.

Kaseya is working with Microsoft to correct this but has not yet given us a time-frame to resolution. Until this is fixed we will be releasing agent procedures to install the monthly updates. These agent procedures for this month’s installs are still in testing and will be released early next week.

You can also turn Windows updates back ON in Kaseya from Patch Management> Configure> Windows Auto Update until this issue has been resolved.

You can create a Custom View to find those agents on Windows 10 Version 1709 by adding the build number – Under “OS Info” add “OS Type: Windows 10” and “OS version filter: *16299*” We will update all partner once this problem is corrected.

Security Update Guide

Affected software include:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ChakraCore
  • Adobe Flash

Known Issues per Microsoft: None

Monthly Rollup/Security Only/Windows 10/Server 2016 KBs

Links are with the KB number only.

Security and Quality Rollup

KB4074598 – Windows 7, Windows Server 2008 R2
KB4074594 – Windows 8.1, Windows Server 2012 R2
KB4074593 – Windows Server 2012

Security Only Update

KB4074587 – Windows 7, Windows Server 2008 R2
KB4074597 – Windows 8.1, Windows Server 2012 R2
KB4074589 – Windows Server 2012

Cumulative Update for Windows 10

KB4074596 – Original release version 1507 (OS Build 10240)
KB4074591 – Version 1511 (OS Build 10586)
KB4074590 – Version 1607 “Anniversary Update” (OS Build 14393)
KB4074592 – Version 1703 “Creators Update” (OS Build 15063)
KB4074588 – Version 1709 “Fall Creators Update” (OS Build 16299)

Note: Server 2016 uses the same KB as Windows 10 Version 1607

KB4074736 – Cumulative Security Update for Internet Explorer 9/10/11
This cumulative update is included in the monthly updates listed above. It can be installed instead of the monthly to secure Internet Explorer otherwise it is “superseded” by the monthly update.

.NET Framework

Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1
KB4076492 – Windows 7, Windows Server 2008 R2
KB4076494 – Windows 8.1, Windows Server 2012 R2
KB4076493 – Windows Server 2012
KB4076495 – Windows Server 2008 (.NET Framework 2.0, 3.0, 4.5.2, 4.6)

KB4074595 – Security Update for Adobe Flash Player

February 2018 updates for Microsoft Office

Notable CVEs

CVE-2018-4878 | Security update for Adobe Flash Player
A critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.

CVE-2018-0771 | Microsoft Edge Security Feature Bypass Vulnerability
The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.