Microsoft Security Bulletin Re-Releases/Advisories

Discussion in 'Virus Software Updates (Read Only)' started by NICK ADSL UK, Jun 19, 2008.

  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    February 2021 Security Updates
    Updates this Month


    This release consists of security updates for the following products, features and roles.

    • .NET Core
    • .NET Framework
    • Azure IoT
    • Developer Tools
    • Microsoft Azure Kubernetes Service
    • Microsoft Dynamics
    • Microsoft Edge for Android
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Windows Codecs Library
    • Role: DNS Server
    • Role: Hyper-V
    • Role: Windows Fax Service
    • Skype for Business
    • SysInternals
    • System Center
    • Visual Studio
    • Windows Address Book
    • Windows Backup Engine
    • Windows Console Driver
    • Windows Defender
    • Windows DirectX
    • Windows Event Tracing
    • Windows Installer
    • Windows Kernel
    • Windows Mobile Device Management
    • Windows Network File System
    • Windows PFX Encryption
    • Windows PKU2U
    • Windows PowerShell
    • Windows Print Spooler Components
    • Windows Remote Procedure Call
    • Windows TCP/IP
    • Windows Trust Verification API
    Relevant Information

    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    4493194 SharePoint Server 2019
    4493195 SharePoint Enterprise Server 2016
    4493210 SharePoint Foundation 2013
    4493223 SharePoint Foundation 2010
    4571787 Exchange Server 2019
    4600944 Security and Quality Rollup for .NET Framework 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1
    4600945 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 SP1 and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
    4600957 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012
    4601048 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2
    4601050 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2
    4601051 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016
    4601052 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703
    4601054 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803
    4601055 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019
    4601056 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909, and Windows Server, version 1909
    4601057 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012
    4601058 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2
    4601060 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server, version 2019
    4601315 Windows 10, Version 1909, Windows Server, Version 1909
    4601318 Windows 10, Version 1607, Windows Server 2016
    4601319 Windows 10, version 2004
    4601345 Windows 10, Version 1809, Windows Server 2019
    4601347 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    4601348 Windows Server 2012 (Monthly Rollup)
    4601349 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    4601357 Windows Server 2012 (Security-only update)
    4601360 Windows Server 2008 (Monthly Rollup)
    4601363 Windows 7, Windows Server 2008 R2 (Security-only update)
    4601366 Windows Server 2008 (Security-only update)
    4601384 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    4601887 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019
    4602269 Exchange Server 2019, Exchange Server 2016
    4603002 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1
    4603003 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012
    4603004 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2
    4603005 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2
    https://msrc.microsoft.com/update-guide/releaseNote/2021-Feb
     
  2. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    March 2021 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Application Virtualization
    • Azure
    • Azure DevOps
    • Azure Sphere
    • Internet Explorer
    • Microsoft ActiveX
    • Microsoft Exchange Server
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office PowerPoint
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft Windows Codecs Library
    • Power BI
    • Role: DNS Server
    • Role: Hyper-V
    • Visual Studio
    • Visual Studio Code
    • Windows Admin Center
    • Windows Container Execution Agent
    • Windows DirectX
    • Windows Error Reporting
    • Windows Event Tracing
    • Windows Extensible Firmware Interface
    • Windows Folder Redirection
    • Windows Installer
    • Windows Media
    • Windows Overlay Filter
    • Windows Print Spooler Components
    • Windows Projected File System Filter Driver
    • Windows Registry
    • Windows Remote Access API
    • Windows Storage Spaces Controller
    • Windows Update Assistant
    • Windows Update Stack
    • Windows UPnP Device Host
    • Windows User Profile Service
    • Windows WalletService
    • Windows Win32K

    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Please see the following for more information on the Microsoft Exchange Server Vulnerabilities:

    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5000802 Windows 10, Version 2004, Windows Server, Version 2004
    5000803 Windows 10, Version 1607, Windows Server 2016
    5000808 Windows 10, Version 1909, Windows Server, Version 1909
    5000822 Windows 10, Version 1809, Windows Server 2019
    5000840 Windows Server 2012 (Security-only update)
    5000841 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5000844 Windows Server 2008 (Monthly Rollup)
    5000847 Windows Server 2012 (Monthly Rollup)
    5000848 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5000851 Windows 7, Windows Server 2008 R2 (Security-only update)
    5000853 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    5000856 Windows Server 2008 (Security-only update)
    5000871 Microsoft Exchange Server 2019, 2016 and 2013
    5000978 Microsoft Exchange Server 2010
    Released: Mar 9, 2021
    March 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  3. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    April 2021 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Azure AD Web Sign-in
    • Azure DevOps
    • Azure Sphere
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Internet Messaging API
    • Microsoft NTFS
    • Microsoft Office Excel
    • Microsoft Office Outlook
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft Windows Codecs Library
    • Microsoft Windows Speech
    • Open Source Software
    • Role: DNS Server
    • Role: Hyper-V
    • Visual Studio
    • Visual Studio Code
    • Visual Studio Code - GitHub Pull Requests and Issues Extension
    • Visual Studio Code - Kubernetes Tools
    • Visual Studio Code - Maven for Java Extension
    • Windows Application Compatibility Cache
    • Windows AppX Deployment Extensions
    • Windows Console Driver
    • Windows Diagnostic Hub
    • Windows Early Launch Antimalware Driver
    • Windows ELAM
    • Windows Event Tracing
    • Windows Installer
    • Windows Kernel
    • Windows Media Player
    • Windows Network File System
    • Windows Overlay Filter
    • Windows Portmapping
    • Windows Registry
    • Windows Remote Procedure Call Runtime
    • Windows Resource Manager
    • Windows Secure Kernel Mode
    • Windows Services and Controller App
    • Windows SMB Server
    • Windows TCP/IP
    • Windows Win32K
    • Windows WLAN Auto Config Service
    Please note the following information regarding the security updates:

    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    4504715 SharePoint Server 2019 Language Pack
    4504716 SharePoint Server 2019
    5001330 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2
    5001332 Windows Server 2008 (Security-only update)
    5001335 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5001337 Windows 10, Version 1909, Windows Server, Version 1909
    5001342 Windows 10, Version 1809, Windows Server 2019
    5001347 Windows 10, Version 1607, Windows Server 2016
    5001382 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5001383 Windows Server 2012 (Security-only update)
    5001387 Windows Server 2012 (Monthly Rollup)
    5001389 Windows Server 2008 (Monthly Rollup)
    5001392 Windows 7, Windows Server 2008 R2 (Security-only update)
    5001393 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    5001779 Microosft Exchange Server 2019, 2016, 2013

    April 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  4. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    May 2021 Security Updates


    Updates this Month



    This release consists of security updates for the following products, features and roles.



    • .NET Core & Visual Studio

    • HTTP.sys

    • Internet Explorer

    • Microsoft Accessibility Insights for Web

    • Microsoft Bluetooth Driver

    • Microsoft Dynamics Finance & Operations

    • Microsoft Exchange Server

    • Microsoft Graphics Component

    • Microsoft Office

    • Microsoft Office Access

    • Microsoft Office Excel

    • Microsoft Office SharePoint

    • Microsoft Office Word

    • Microsoft Windows Codecs Library

    • Microsoft Windows IrDA

    • Open Source Software

    • Role: Hyper-V

    • Skype for Business and Microsoft Lync

    • Visual Studio

    • Visual Studio Code

    • Windows Container Isolation FS Filter Driver

    • Windows Container Manager Service

    • Windows Cryptographic Services

    • Windows CSC Service

    • Windows Desktop Bridge

    • Windows OLE

    • Windows Projected File System FS Filter

    • Windows RDP Client

    • Windows SMB

    • Windows SSDP Service

    • Windows WalletService

    • Windows Wireless Networking
    Please note the following information regarding the security updates:



    Security Update Guide Blog Posts

    Date Blog Post

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Information

    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds

    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.



    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5003169 Windows 10, Version 1909, Windows Server, Version 1909

    5003171 Windows 10, Version 1809, Windows Server 2019

    5003173 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2

    5003197 Windows 10, Version 1607, Windows Server 2016

    5003203 Windows Server 2012 (Security-only update)

    5003208 Windows Server 2012 (Monthly Rollup)

    5003209 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

    5003210 Windows Server 2008 SP2 (Monthly Rollup)

    5003220 Windows 8.1 Windows Server 2012 R2 (Security-only update)

    5003225 Windows Server 2008 SP2 (Security-only update)

    5003228 Windows 7 SP2, Windows Server 2008 R2 (Security-only update)

    5003233 Windows 7 SP2, Windows Server 2008 R2 (Monthly Rollup)

    5003435 Exchange Server 2019, 2016, and 2013



    May 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  5. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    **************************************************************************************
    Title: Microsoft Security Update Releases
    Issued: May 27, 2021
    **************************************************************************************

    Summary
    =======

    The following CVEs have been released on May 27, 2021.

    * CVE-2021-31982
    * CVE-2021-31937

    - CVE-2021-31937 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
    - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31937
    - Version 1.0
    - Reason for Revision: Information published.
    - Originally posted: May 27, 2021
    - Updated: N/A
    - Aggregate CVE Severity Rating: Important


    - CVE-2021-31982 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
    - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31982
    - Version 1.0
    - Reason for Revision: Information published.
    - Originally posted: May 27, 2021
    - Updated: N/A
    - Aggregate CVE Severity Rating: Important


    The following CVEs were assigned by Chrome. Microsoft Edge
    (Chromium-based) ingests Chromium, which addresses these vulnerabilities. Please see
    Google Chrome Releases (https://chromereleases.googleblog.com/2021) for more information.

    See
    https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/
    for more information about third-party CVEs in the Security Update Guide.

    * CVE-2021-30521
    * CVE-2021-30522
    * CVE-2021-30523
    * CVE-2021-30524
    * CVE-2021-30525
    * CVE-2021-30526
    * CVE-2021-30527
    * CVE-2021-30528
    * CVE-2021-30529
    * CVE-2021-30530
    * CVE-2021-30531
    * CVE-2021-30532
    * CVE-2021-30533
    * CVE-2021-30534
    * CVE-2021-30535
    * CVE-2021-30536
    * CVE-2021-30537
    * CVE-2021-30538
    * CVE-2021-30539
    * CVE-2021-30540

    Revision Information:
    =====================

    - Version 1.0
    - Reason for Revision: Information published.
    - Originally posted: May 27, 2021
     
  6. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    June 2021 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core & Visual Studio
    • 3D Viewer
    • Microsoft DWM Core Library
    • Microsoft Intune
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office Outlook
    • Microsoft Office SharePoint
    • Microsoft Scripting Engine
    • Microsoft Windows Codecs Library
    • Paint 3D
    • Role: Hyper-V
    • Visual Studio Code - Kubernetes Tools
    • Windows Bind Filter Driver
    • Windows Common Log File System Driver
    • Windows Cryptographic Services
    • Windows DCOM Server
    • Windows Defender
    • Windows Drivers
    • Windows Event Logging Service
    • Windows Filter Manager
    • Windows HTML Platform
    • Windows Installer
    • Windows Kerberos
    • Windows Kernel
    • Windows Kernel-Mode Drivers
    • Windows Network File System
    • Windows NTFS
    • Windows NTLM
    • Windows Print Spooler Components
    • Windows Remote Desktop
    • Windows TCP/IP
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5001944 SharePoint Server 2019
    5001946 SharePoint Enterprise Server 2016
    5001962 SharePoint Foundation 2013
    5003635 Windows 10, Version 1909
    5003637 Windows 10, version 21H1, Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2
    5003646 Windows 10, Version 1809, Windows Server 2019
    5003661 Windows Server 2008 Service Pack 2 ((Monthly Rollup)
    5003667 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Monthly Rollup)
    5003671 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5003681 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5003694 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Security-only update)
    5003695 Windows Server 2008 Service Pack 2 (Security-only update)
    5003696 Windows Server 2012 (Security-only update)
    5003697 Windows Server 2012 (Monthly Rollup)

    June 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  7. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    July 2021 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Common Internet File System
    • Dynamics Business Central Control
    • Microsoft Bing
    • Microsoft Dynamics
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Scripting Engine
    • Microsoft Windows Codecs Library
    • Microsoft Windows DNS
    • Microsoft Windows Media Foundation
    • OpenEnclave
    • Power BI
    • Role: DNS Server
    • Role: Hyper-V
    • Visual Studio Code
    • Visual Studio Code - .NET Runtime
    • Visual Studio Code - Maven for Java Extension
    • Windows Active Directory
    • Windows Address Book
    • Windows AF_UNIX Socket Provider
    • Windows AppContainer
    • Windows AppX Deployment Extensions
    • Windows Authenticode
    • Windows Cloud Files Mini Filter Driver
    • Windows Console Driver
    • Windows Defender
    • Windows Desktop Bridge
    • Windows Event Tracing
    • Windows File History Service
    • Windows Hello
    • Windows HTML Platform
    • Windows Installer
    • Windows Kernel
    • Windows Key Distribution Center
    • Windows Local Security Authority Subsystem Service
    • Windows MSHTML Platform
    • Windows Partition Management Driver
    • Windows PFX Encryption
    • Windows Print Spooler Components
    • Windows Projected File System
    • Windows Remote Access Connection Manager
    • Windows Remote Assistance
    • Windows Secure Kernel Mode
    • Windows Security Account Manager
    • Windows Shell
    • Windows SMB
    • Windows Storage Spaces Controller
    • Windows TCP/IP
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5004237 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2, Windows 10, Version 21H1
    5004244 Windows 10, Version 1809, Windows Server 2019
    5004285 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    5004289 Windows 7 SP1, Windows Server 2008 R2 SP1 (Monthly Rollup)
    5004294 Windows Server 2012 (Monthly Rollup)
    5004298 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5004299 Windows Server 2008 SP2 (Security-only update)
    5004302 Windows Server 2012 (Security-only update)
    5004305 Windows Server 2008 SP2 (Monthly Rollup)
    5004307 Windows 7 SP1, Windows Server 2008 R2 SP1(Security-only update)
    5004778 Exchange Server 2013
    5004779 Exchange Server 2016
    5004780 Exchange Server 2019

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul
     
  8. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    August 2021 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core & Visual Studio
    • ASP .NET
    • Azure
    • Azure Sphere
    • Microsoft Azure Active Directory Connect
    • Microsoft Dynamics
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft Scripting Engine
    • Microsoft Windows Codecs Library
    • Remote Desktop Client
    • Windows Bluetooth Service
    • Windows Cryptographic Services
    • Windows Defender
    • Windows Event Tracing
    • Windows Media
    • Windows MSHTML Platform
    • Windows NTLM
    • Windows Print Spooler Components
    • Windows Services for NFS ONCRPC XDR Driver
    • Windows Storage Spaces Controller
    • Windows TCP/IP
    • Windows Update
    • Windows Update Assistant
    • Windows User Profile Service
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts

    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5005030 Windows 10, Version 1809, Windows Server 2019
    5005031 Windows 10, Version 1909
    5005033 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2, Windows 10, Version 21H1
    5005040 Windows 10
    5005076 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5005088 Windows 7 SP1, Windows Server 2008 R2 SP1 (Monthly Rollup)
    5005089 Windows 7 SP1, Windows Server 2008 R2 SP1 (Security-only update)
    5005090 Windows Server 2008 SP2 (Monthly Rollup)
    5005094 Windows Server 2012 (Security-only update)
    5005095 Windows Server 2008 SP2 (Security-only update)
    5005099 Windows Server 2012 (Monthly Rollup)
    5005106 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)

    Released: Aug 10, 2021
    August 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  9. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    September 2021 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Azure Open Management Infrastructure
    • Azure Sphere
    • Dynamics Business Central Control
    • Microsoft Accessibility Insights for Android
    • Microsoft Edge (Chromium-based)
    • Microsoft Edge for Android
    • Microsoft MPEG-2 Video Extension
    • Microsoft Office
    • Microsoft Office Access
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft Office Word
    • Microsoft Windows Codecs Library
    • Microsoft Windows DNS
    • Visual Studio
    • Windows Ancillary Function Driver for WinSock
    • Windows Authenticode
    • Windows Bind Filter Driver
    • Windows BitLocker
    • Windows Common Log File System Driver
    • Windows Event Tracing
    • Windows Installer
    • Windows Kernel
    • Windows Key Storage Provider
    • Windows MSHTML Platform
    • Windows Print Spooler Components
    • Windows Redirected Drive Buffering
    • Windows Scripting
    • Windows SMB
    • Windows Storage
    • Windows Subsystem for Linux
    • Windows TDX.sys
    • Windows Update
    • Windows Win32K
    • Windows WLAN Auto Config Service
    • Windows WLAN Service
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5005565 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2
    5005568 Windows 10, Version 1809
    5005606 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5005607 Windows Server 2012 (Security-only update)
    5005613 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5005615 Windows 7, Windows Server 2008 R2 (Security-only update)
    5005618 Windows Server 2008 (Security-only update)
    5005623 Windows Server 2012 (Monthly Rollup)
    5005627 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    5005633 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

    Released: Sep 14, 2021
    https://msrc.microsoft.com/update-guide/releaseNote/2021-Sep
     
  10. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    October 2021 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core & Visual Studio
    • Active Directory Federation Services
    • Console Window Host
    • HTTP.sys
    • Microsoft DWM Core Library
    • Microsoft Dynamics
    • Microsoft Dynamics 365 Sales
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Intune
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft Office Word
    • Microsoft Windows Codecs Library
    • Rich Text Edit Control
    • Role: DNS Server
    • Role: Windows Active Directory Server
    • Role: Windows AD FS Server
    • Role: Windows Hyper-V
    • System Center
    • Visual Studio
    • Windows AppContainer
    • Windows AppX Deployment Service
    • Windows Bind Filter Driver
    • Windows Cloud Files Mini Filter Driver
    • Windows Common Log File System Driver
    • Windows Desktop Bridge
    • Windows DirectX
    • Windows Event Tracing
    • Windows exFAT File System
    • Windows Fastfat Driver
    • Windows Installer
    • Windows Kernel
    • Windows MSHTML Platform
    • Windows Nearby Sharing
    • Windows Network Address Translation (NAT)
    • Windows Print Spooler Components
    • Windows Remote Procedure Call Runtime
    • Windows Storage Spaces Controller
    • Windows TCP/IP
    • Windows Text Shaping
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • IMPORTANT ANNOUNCEMENT: In the coming months we will be moving to a new, more user-friendly and flexible system for delivering Microsoft Technical Security Notifications. Upcoming information about how you can sign up for and receive these Technical Security Notifications will be coming soon.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5006670 Windows 10, Version 20H2
    5006672 Windows 10, Version 1809, Windows Server 2019
    5006714 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5006715 Windows Server 2008 SP2 (Security-only update)
    5006728 Windows 7, Windows Server 2008 R2 (Security-only update)
    5006729 Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)
    5006732 Windows Server 2012 (Security-only update)
    5006736 Windows Server 2008 SP2 (Monthly Rollup)
    5006739 Windows Server 2012 (Monthly Rollup)
    5006743 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5007011 Exchange Server 2013
    5007012 Exchange Server 2016, Exchange Server 2019
    Released: Oct 12, 2021

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct
     
  11. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    November 2021 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • 3D Viewer
    • Azure
    • Azure RTOS
    • Azure Sphere
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Edge (Chromium-based) in IE Mode
    • Microsoft Exchange Server
    • Microsoft Office
    • Microsoft Office Access
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft Windows
    • Microsoft Windows Codecs Library
    • Power BI
    • Role: Windows Hyper-V
    • Visual Studio
    • Visual Studio Code
    • Windows Active Directory
    • Windows COM
    • Windows Core Shell
    • Windows Cred SSProvider Protocol
    • Windows Defender
    • Windows Desktop Bridge
    • Windows Diagnostic Hub
    • Windows Fastfat Driver
    • Windows Feedback Hub
    • Windows Hello
    • Windows Installer
    • Windows Kernel
    • Windows NTFS
    • Windows RDP
    • Windows Scripting
    • Windows Virtual Machine Bus
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5007186 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2, Windows 10, Version 21H1, Windows Server, Version 21H1
    5007189 Windows 10, Version 1909
    5007192 Windows 10, Version 1607, Windows Server 2016
    5007205 Windows Server 2022
    5007206 Windows 10, Version 1809, Windows Server 2019
    5007207 Windows 10
    5007233 Windows 7, Windows Server 2008 R2 (Security-only update)
    5007236 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5007245 Windows Server 2012 (Security-only update)
    5007246 Windows Server 2008 (Security-only update)
    5007247 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5007255 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5007260 Windows Server 2012 (Monthly Rollup)
    5007263 Windows Server 2008 (Monthly Rollup)
    5007409 Exchange Server
    Released: 9 Nov 2021

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Nov
     
  12. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    December 2021 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Apps
    • ASP.NET Core & Visual Studio
    • Azure Bot Framework SDK
    • BizTalk ESB Toolkit
    • Internet Storage Name Service
    • Microsoft Defender for IoT
    • Microsoft Devices
    • Microsoft Edge (Chromium-based)
    • Microsoft Local Security Authority Server (lsasrv)
    • Microsoft Message Queuing
    • Microsoft Office
    • Microsoft Office Access
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft PowerShell
    • Microsoft Windows Codecs Library
    • Office Developer Platform
    • Remote Desktop Client
    • Role: Windows Fax Service
    • Role: Windows Hyper-V
    • Visual Studio Code
    • Visual Studio Code - WSL Extension
    • Windows Common Log File System Driver
    • Windows Digital TV Tuner
    • Windows DirectX
    • Windows Encrypting File System (EFS)
    • Windows Event Tracing
    • Windows Installer
    • Windows Kernel
    • Windows Media
    • Windows Mobile Device Management
    • Windows NTFS
    • Windows Print Spooler Components
    • Windows Remote Access Connection Manager
    • Windows Storage
    • Windows Storage Spaces Controller
    • Windows SymCrypt
    • Windows TCP/IP
    • Windows Update Stack
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5008207 Windows 10, Version 1607, Windows Server 2016
    5008212 Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2, Windows 10, Version 21H1
    5008218 Windows 10, Version 1809, Windows Server 2019
    5008223 Windows Server 2022
    5008244 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5008255 Windows Server 2012 (Security-only update)
    5008263 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5008271 Windows Server 2008 (Security-only update)
    5008274 Windows Server 2008 (Monthly Rollup)
    5008277 Windows Server 2012 (Monthly Rollup)
    5008282 Windows 7, Windows Server 2008 R2 (Security-only update)
    5008285 Windows 8.1, Windows Server 2012 R2 (Security-only update)

    Released: Dec 14, 2021


    December 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  13. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    January 2022 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Framework
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft Teams
    • Microsoft Windows Codecs Library
    • Open Source Software
    • Role: Windows Hyper-V
    • Tablet Windows User Interface
    • Windows Account Control
    • Windows Active Directory
    • Windows AppContracts API Server
    • Windows Application Model
    • Windows BackupKey Remote Protocol
    • Windows Bind Filter Driver
    • Windows Certificates
    • Windows Cleanup Manager
    • Windows Clipboard User Service
    • Windows Cluster Port Driver
    • Windows Common Log File System Driver
    • Windows Connected Devices Platform Service
    • Windows Cryptographic Services
    • Windows Defender
    • Windows Devices Human Interface
    • Windows Diagnostic Hub
    • Windows DirectX
    • Windows DWM Core Library
    • Windows Event Tracing
    • Windows Geolocation Service
    • Windows HTTP Protocol Stack
    • Windows IKE Extension
    • Windows Installer
    • Windows Kerberos
    • Windows Kernel
    • Windows Libarchive
    • Windows Local Security Authority
    • Windows Local Security Authority Subsystem Service
    • Windows Modern Execution Server
    • Windows Push Notifications
    • Windows RDP
    • Windows Remote Access Connection Manager
    • Windows Remote Desktop
    • Windows Remote Procedure Call Runtime
    • Windows Resilient File System (ReFS)
    • Windows Secure Boot
    • Windows Security Center
    • Windows StateRepository API
    • Windows Storage
    • Windows Storage Spaces Controller
    • Windows System Launcher
    • Windows Task Flow Data Engine
    • Windows Tile Data Repository
    • Windows UEFI
    • Windows UI Immersive Server
    • Windows User Profile Service
    • Windows User-mode Driver Framework
    • Windows Virtual Machine IDE Drive
    • Windows Win32K
    • Windows Workstation Service Remote Protocol
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: A Brand-New Notification System!
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002109 SharePoint Server 2019 Core
    5002111 SharePoint Server Subscription Edition Core
    5002113 SharePoint Enterprise Server 2016
    5002127 SharePoint Foundation 2013
    5008631 Microsoft Exchange Server 2013, 2016, 2019
    5009543 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5009546 Windows 10, version 1607, Windows Server 2016
    5009555 Windows Server 2022
    5009557 Windows Server 2019
    5009566 Windows 11
    5009586 Windows Server 2012 (Monthly Rollup)
    5009595 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5009601 Windows Server 2008 (Security-only update)
    5009610 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5009619 Windows Server 2012 (Security-only update)
    5009621 Windows 7, Windows Server 2008 R2 (Security-only update)
    5009624 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5009627 Windows Server 2008 (Monthly Rollup)

    Released: Jan 11, 2022
    January 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  14. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    February 2022 Security Updates

    Updates this Month



    This release consists of security updates for the following products, features and roles.



    • Azure Data Explorer

    • Kestrel Web Server

    • Microsoft Dynamics

    • Microsoft Dynamics GP

    • Microsoft Edge (Chromium-based)

    • Microsoft Office

    • Microsoft Office Excel

    • Microsoft Office Outlook

    • Microsoft Office SharePoint

    • Microsoft Office Visio

    • Microsoft OneDrive

    • Microsoft Teams

    • Microsoft Windows Codecs Library

    • Power BI

    • Roaming Security Rights Management Services

    • Role: DNS Server

    • Role: Windows Hyper-V

    • SQL Server

    • Visual Studio Code

    • Windows Common Log File System Driver

    • Windows DWM Core Library

    • Windows Kernel

    • Windows Kernel-Mode Drivers

    • Windows Named Pipe File System

    • Windows Print Spooler Components

    • Windows Remote Access Connection Manager

    • Windows Remote Procedure Call Runtime

    • Windows User Account Profile

    • Windows Win32K
    Please note the following information regarding the security updates:



    Security Update Guide Blog Posts

    Date Blog Post

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Information

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds

    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.



    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5010342 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

    5010351 Windows 10, version 1809, Windows Server 2019

    5010354 Windows Server 2022

    5010384 Windows Server 2008 (Monthly Rollup)

    5010392 Windows Server 2012 (Monthly Rollup)

    5010395 Windows 8.1, Windows Server 2012 R2 (Security-only update)

    5010403 Windows Server 2008 (Security-only update)

    5010404 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

    5010412 Windows Server 2012 (Security-only update)

    5010419 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

    5010422 Windows 7, Windows Server 2008 R2 (Security-only update)

    5002135 SharePoint Server 2019

    Released: Feb 8, 2022



    February 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  15. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    March 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET and Visual Studio
    • Azure Site Recovery
    • Microsoft Defender for Endpoint
    • Microsoft Defender for IoT
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Intune
    • Microsoft Office Visio
    • Microsoft Office Word
    • Microsoft Windows ALPC
    • Microsoft Windows Codecs Library
    • Paint 3D
    • Role: Windows Hyper-V
    • Skype Extension for Chrome
    • Tablet Windows User Interface
    • Visual Studio Code
    • Windows Ancillary Function Driver for WinSock
    • Windows CD-ROM Driver
    • Windows Cloud Files Mini Filter Driver
    • Windows COM
    • Windows Common Log File System Driver
    • Windows DWM Core Library
    • Windows Event Tracing
    • Windows Fastfat Driver
    • Windows Fax and Scan Service
    • Windows HTML Platform
    • Windows Installer
    • Windows Kernel
    • Windows Media
    • Windows PDEV
    • Windows Point-to-Point Tunneling Protocol
    • Windows Print Spooler Components
    • Windows Remote Desktop
    • Windows Security Support Provider Interface
    • Windows SMB Server
    • Windows Update Stack
    • XBox
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5010324 Microsoft Exchange Server 2103
    5011487 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5011495 Windows 10, version 1607, Windows Server 2016
    5011497 Windows Server 2022
    5011503 Windows 10, version 1809, Windows Server 2019
    5011525 Windows Server 2008 (Security-only update)
    5011527 Windows Server 2012 (Security-only update)
    5011529 Windows 7, Windows Server 2008 R2 (Security-only update)
    5011534 Windows Server 2008 (Monthly Rollup)
    5011535 Windows Server 2012 (Monthly Rollup)
    5011552 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5011560 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5011564 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5012698 Microsoft Exchange Server 2016, 2019
    Released: Mar 8, 2022
    March 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  16. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    April 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Framework
    • Active Directory Domain Services
    • Azure SDK
    • Azure Site Recovery
    • LDAP - Lightweight Directory Access Protocol
    • Microsoft Bluetooth Driver
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Local Security Authority Server (lsasrv)
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Windows ALPC
    • Microsoft Windows Codecs Library
    • Microsoft Windows Media Foundation
    • Power BI
    • Role: DNS Server
    • Role: Windows Hyper-V
    • Skype for Business
    • Visual Studio
    • Visual Studio Code
    • Windows Ancillary Function Driver for WinSock
    • Windows App Store
    • Windows AppX Package Manager
    • Windows Cluster Client Failover
    • Windows Cluster Shared Volume (CSV)
    • Windows Common Log File System Driver
    • Windows Defender
    • Windows DWM Core Library
    • Windows Endpoint Configuration Manager
    • Windows Fax Compose Form
    • Windows Feedback Hub
    • Windows File Explorer
    • Windows File Server
    • Windows Installer
    • Windows iSCSI Target Service
    • Windows Kerberos
    • Windows Kernel
    • Windows Local Security Authority Subsystem Service
    • Windows Media
    • Windows Network File System
    • Windows PowerShell
    • Windows Print Spooler Components
    • Windows RDP
    • Windows Remote Procedure Call Runtime
    • Windows schannel
    • Windows SMB
    • Windows Telephony Server
    • Windows Upgrade Assistant
    • Windows User Profile Service
    • Windows Win32K
    • Windows Work Folder Service
    • YARP reverse proxy
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5012591 Windows 10, version 1909
    5012592 Windows 11
    5012596 Windows 10, version 1607, Windows Server 2016
    5012599 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5012604 Windows Server 2022
    5012626 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5012632 Windows Server 2008 (Security-only update)
    5012639 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5012647 Windows 10, version 1809
    5012649 Windows 7, Windows Server 2008 R2 (Security-only update)
    5012650 Windows Server 2012 (Monthly Rollup)
    5012653 Windows 10
    5012658 Windows Server 2008 (Monthly Rollup)
    5012666 Windows Server 2012 (Security-only update)
    5012670 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5002191 SharePoint Server Subscription Edition

    April 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  17. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    May 2022 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET and Visual Studio

    • Microsoft Exchange Server

    • Microsoft Graphics Component

    • Microsoft Local Security Authority Server (lsasrv)

    • Microsoft Office

    • Microsoft Office Excel

    • Microsoft Office SharePoint

    • Microsoft Windows ALPC

    • Remote Desktop Client

    • Role: Windows Fax Service

    • Role: Windows Hyper-V

    • Self-hosted Integration Runtime

    • Tablet Windows User Interface

    • Visual Studio

    • Visual Studio Code

    • Windows Active Directory

    • Windows Address Book

    • Windows Authentication Methods

    • Windows BitLocker

    • Windows Cluster Shared Volume (CSV)

    • Windows Failover Cluster Automation Server

    • Windows Kerberos

    • Windows Kernel

    • Windows LDAP - Lightweight Directory Access Protocol

    • Windows Media

    • Windows Network File System

    • Windows NTFS

    • Windows Point-to-Point Tunneling Protocol

    • Windows Print Spooler Components

    • Windows Push Notifications

    • Windows Remote Access Connection Manager

    • Windows Remote Desktop

    • Windows Remote Procedure Call Runtime

    • Windows Server Service

    • Windows Storage Spaces Controller

    • Windows WLAN Auto Config Service
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts

    Date

    Blog Post

    January 11, 2022

    Coming Soon: New Security Update Guide Notification System

    February 9, 2021

    Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021

    Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020

    Security Update Guide: Let’s keep the conversation going

    November 9, 2020

    Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Information

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds

    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article

    Applies To

    5011363

    New Exchange Server Security Update and Hotfix Packaging

    5013941

    Windows 10, version 1809, Windows Server 2019

    5013942

    Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

    5013943

    Windows 11

    5013944

    Windows Server 2022

    5013952

    Windows 10, version 1607, Windows Server 2016

    5013999

    Windows 7, Windows Server 2008 R2 (Security-only update)

    5014001

    Windows 8.1, Windows Server 2012 R2 (Security-only update)

    5014006

    Windows Server 2008 (Security-only update)

    5014010

    Windows Server 2008 (Monthly Rollup)

    5014011

    Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

    5014012

    Windows 7, Windows Server 2008 R2 (Monthly Rollup)

    5014017

    Windows Server 2012 (Monthly Rollup)

    5014018

    Windows Server 2012 (Security-only update)

    Released: 10 May 2022

    https://msrc.microsoft.com/update-guide/releaseNote/2022-May
     
  18. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    June 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET and Visual Studio
    • Azure OMI
    • Azure Real Time Operating System
    • Azure Service Fabric Container
    • Intel
    • Microsoft Edge (Chromium-based)
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Windows ALPC
    • Microsoft Windows Codecs Library
    • Remote Volume Shadow Copy Service (RVSS)
    • Role: Windows Hyper-V
    • SQL Server
    • Windows Ancillary Function Driver for WinSock
    • Windows App Store
    • Windows Autopilot
    • Windows Container Isolation FS Filter Driver
    • Windows Container Manager Service
    • Windows Defender
    • Windows Encrypting File System (EFS)
    • Windows File History Service
    • Windows Installer
    • Windows iSCSI
    • Windows Kerberos
    • Windows Kernel
    • Windows LDAP - Lightweight Directory Access Protocol
    • Windows Local Security Authority Subsystem Service
    • Windows Media
    • Windows Network Address Translation (NAT)
    • Windows Network File System
    • Windows PowerShell
    • Windows SMB
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002219 SharePoint Foundation 2013
    5014692 Windows Server 2019
    5014697 Windows 11
    5014699 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5014738 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5014741 Windows Server 2012 (Security-only update)
    5014742 Windows 7, Windows Server 2008 R2 (Security-only update)
    5014743 Windows Server 2008 (Security-only update)
    5014746 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5014747 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5014748 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5014752 Windows Server 2008 (Monthly Rollup)
    Released: Jun 14, 2022
    June 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  19. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    July 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • AMD CPU Branch
    • Azure Site Recovery
    • Azure Storage Library
    • Microsoft Defender for Endpoint
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office
    • Open Source Software
    • Role: DNS Server
    • Role: Windows Fax Service
    • Role: Windows Hyper-V
    • Skype for Business and Microsoft Lync
    • Windows Active Directory
    • Windows Advanced Local Procedure Call
    • Windows BitLocker
    • Windows Boot Manager
    • Windows Client/Server Runtime Subsystem
    • Windows Connected Devices Platform Service
    • Windows Credential Guard
    • Windows Fast FAT Driver
    • Windows Fax and Scan Service
    • Windows Group Policy
    • Windows IIS
    • Windows Kernel
    • Windows Media
    • Windows Network File System
    • Windows Performance Counters
    • Windows Point-to-Point Tunneling Protocol
    • Windows Portable Device Enumerator Service
    • Windows Print Spooler Components
    • Windows Remote Procedure Call Runtime
    • Windows Security Account Manager
    • Windows Server Service
    • Windows Shell
    • Windows Storage
    • XBox
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5015807 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5015811 Windows 10, version 1809, Windows Server 2019
    5015814 Windows 11
    5015827 Windows Server 2022
    5015861 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5015862 Windows 7, Windows Server 2008 R2 (Security-only update)
    5015863 Windows Server 2012 (Monthly Rollup)
    5015866 Windows Server 2008 (Monthly Rollup)
    5015870 Windows Server 2008 (Security-only update)
    5015874 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5015875 Windows Server 2012 (Security-only update)
    5015877 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    Released: 12 Jul 2022
    July 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  20. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    August 2022 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core
    • Active Directory Domain Services
    • Azure Batch Node Agent
    • Azure Real Time Operating System
    • Azure Site Recovery
    • Azure Sphere
    • Microsoft ATA Port Driver
    • Microsoft Bluetooth Driver
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office Outlook
    • Microsoft Windows Support Diagnostic Tool (MSDT)
    • Remote Access Service Point-to-Point Tunneling Protocol
    • Role: Windows Fax Service
    • Role: Windows Hyper-V
    • System Center Operations Manager
    • Visual Studio
    • Windows Bluetooth Service
    • Windows Canonical Display Driver
    • Windows Cloud Files Mini Filter Driver
    • Windows Defender Credential Guard
    • Windows Digital Media
    • Windows Error Reporting
    • Windows Hello
    • Windows Internet Information Services
    • Windows Kerberos
    • Windows Kernel
    • Windows Local Security Authority (LSA)
    • Windows Network File System
    • Windows Partition Management Driver
    • Windows Point-to-Point Tunneling Protocol
    • Windows Print Spooler Components
    • Windows Secure Boot
    • Windows Secure Socket Tunneling Protocol (SSTP)
    • Windows Storage Spaces Direct
    • Windows Unified Write Filter
    • Windows WebBrowser Control
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5012170 Windows 11, Secure Boot Standalone
    5016616 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5016623 Windows 10, version 1809, Windows Server 2019
    5016627 Windows Server 2022
    5016629 Windows 11
    5016669 Windows Server 2008 (Monthly Rollup)
    5016676 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5016679 Windows 7, Windows Server 2008 R2 (Security-only update)
    5016686 Windows Server 2008 (Security-only update)

    Released: Aug 9, 2022
    August 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    Last edited: Aug 9, 2022
  21. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Updates this Month
    This release consists of security updates for the following products, features and roles.

    • .NET and Visual Studio
    • .NET Framework
    • Azure Arc
    • Cache Speculation
    • HTTP.sys
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft Windows ALPC
    • Microsoft Windows Codecs Library
    • Network Device Enrollment Service (NDES)
    • Role: DNS Server
    • Role: Windows Fax Service
    • SPNEGO Extended Negotiation
    • Visual Studio Code
    • Windows Common Log File System Driver
    • Windows Credential Roaming Service
    • Windows Defender
    • Windows Distributed File System (DFS)
    • Windows DPAPI (Data Protection Application Programming Interface)
    • Windows Enterprise App Management
    • Windows Event Tracing
    • Windows Group Policy
    • Windows IKE Extension
    • Windows Kerberos
    • Windows Kernel
    • Windows LDAP - Lightweight Directory Access Protocol
    • Windows ODBC Driver
    • Windows OLE
    • Windows Photo Import API
    • Windows Print Spooler Components
    • Windows Remote Access Connection Manager
    • Windows Remote Procedure Call
    • Windows TCP/IP
    • Windows Transport Security Layer (TLS)
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002142 SharePoint Enterprise Server 2016
    5002159 SharePoint Foundation 2013
    5002257 SharePoint Server 2019
    5002258 SharePoint Server 2019
    5002267 SharePoint Foundation 2013
    5002269 SharePoint Enterprise Server 2016
    5002270 SharePoint Server Subscription Edition Language Pack
    5002271 SharePoint Server Subscription Edition Core
    5017305 Windows 10, version 1607, Windows Server 2016
    5017308 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5017315 Windows Server 2019
    5017316 Windows Server 2022
    5017327 Windows 10
    5017328 Windows 11
    5017358 Windows Server 2008 (Monthly Rollup)
    5017361 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5017365 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5017367 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5017370 Windows Server 2012 (Monthly Rollup)
    5017371 Windows Server 2008 (Security-only update)
    5017373 Windows 7, Windows Server 2008 R2 (Security-only update)
    5017377 Windows Server 2012 (Security-only update)
    Released: Sep 13, 2022

    September 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  22. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    October 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Active Directory Domain Services
    • Azure
    • Azure Arc
    • Client Server Run-time Subsystem (CSRSS)
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft WDAC OLE DB provider for SQL
    • NuGet Client
    • Remote Access Service Point-to-Point Tunneling Protocol
    • Role: Windows Hyper-V
    • Service Fabric
    • Visual Studio Code
    • Windows Active Directory Certificate Services
    • Windows ALPC
    • Windows CD-ROM Driver
    • Windows COM+ Event System Service
    • Windows Connected User Experiences and Telemetry
    • Windows CryptoAPI
    • Windows Defender
    • Windows DHCP Client
    • Windows Distributed File System (DFS)
    • Windows DWM Core Library
    • Windows Event Logging Service
    • Windows Group Policy
    • Windows Group Policy Preference Client
    • Windows Internet Key Exchange (IKE) Protocol
    • Windows Kernel
    • Windows Local Security Authority (LSA)
    • Windows Local Security Authority Subsystem Service (LSASS)
    • Windows Local Session Manager (LSM)
    • Windows NTFS
    • Windows NTLM
    • Windows ODBC Driver
    • Windows Perception Simulation Service
    • Windows Point-to-Point Tunneling Protocol
    • Windows Portable Device Enumerator Service
    • Windows Print Spooler Components
    • Windows Resilient File System (ReFS)
    • Windows Secure Channel
    • Windows Security Support Provider Interface
    • Windows Server Remotely Accessible Registry Keys
    • Windows Server Service
    • Windows Storage
    • Windows TCP/IP
    • Windows USB Serial Driver
    • Windows Web Account Manager
    • Windows Win32K
    • Windows WLAN Service
    • Windows Workstation Service
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5018410 Windows 10, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
    5018418 Windows 11 version 21H2
    5018419 Windows 10, version 1809, Windows Server 2019
    5018421 Windows Server 2022
    5018427 Windows 11 version 22H2
    5018446 Windows Server 2008 (Security-only update)
    5018450 Windows Server 2008 (Monthly Rollup)
    5018454 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5018457 Windows Server 2012 (Monthly Rollup)
    5018474 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5018476 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5018478 Windows Server 2012 (Security-only update)
    5018479 Windows 7, Windows Server 2008 R2 (Security-only update)
    5002278 SharePoint Server 2019
    5002284 SharePoint Foundation 2013
    5002287 SharePoint Enterprise Server 2016
    5002290 SharePoint Server Subscription Edition
    Released: Oct 11, 2022
     
  23. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    November 2022 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Framework
    • AMD CPU Branch
    • Azure
    • Azure Real Time Operating System
    • Linux Kernel
    • Microsoft Dynamics
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Network Policy Server (NPS)
    • Open Source Software
    • Role: Windows Hyper-V
    • SysInternals
    • Visual Studio
    • Windows Advanced Local Procedure Call
    • Windows ALPC
    • Windows Bind Filter Driver
    • Windows BitLocker
    • Windows CNG Key Isolation Service
    • Windows Devices Human Interface
    • Windows Digital Media
    • Windows DWM Core Library
    • Windows Extensible File Allocation
    • Windows Group Policy Preference Client
    • Windows HTTP.sys
    • Windows Kerberos
    • Windows Mark of the Web (MOTW)
    • Windows Netlogon
    • Windows Network Address Translation (NAT)
    • Windows ODBC Driver
    • Windows Overlay Filter
    • Windows Point-to-Point Tunneling Protocol
    • Windows Print Spooler Components
    • Windows Resilient File System (ReFS)
    • Windows Scripting
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002258 Microsoft SharePoint Server 2019
    5002267 Microsoft SharePoint Server 2013
    5002269 Microsoft SharePoint Server 2016
    5002271 Microsoft SharePoint Server Subscription Edition
    5019959 Windows 10 Version 21H1
    5019966 Windows 10 Version 1809, Windows Server 2019
    5019980 Windows 11 version 22H2
    5020000 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5020003 Windows Server 2012 (Security Only)
    5020005 Windows Server 2008 (Security Only)
    5020009 Windows Server 2012 (Monthly Rollup)
    5020010 Windows 8.1, Windows Server 2012 R2 (Security Only)
    5020013 Windows 7, Windows Server 2008 R2 (Security Only)
    5020019 Windows Server 2008 (Monthly Rollup)
    5020023 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    Released: Nov 8, 2022
    November 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  24. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    December 2022 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Framework
    • Azure
    • Client Server Run-time Subsystem (CSRSS)
    • Microsoft Bluetooth Driver
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office OneNote
    • Microsoft Office Outlook
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft Windows Codecs Library
    • Role: Windows Hyper-V
    • SysInternals
    • Windows Certificates
    • Windows Contacts
    • Windows DirectX
    • Windows Error Reporting
    • Windows Fax Compose Form
    • Windows HTTP Print Provider
    • Windows Kernel
    • Windows PowerShell
    • Windows Print Spooler Components
    • Windows Projected File System
    • Windows Secure Socket Tunneling Protocol (SSTP)
    • Windows SmartScreen
    • Windows Subsystem for Linux
    • Windows Terminal
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5020880 .NET core and .NET Framework, Change in how WPF-based applications render XPS documents
    5021233 Windows 10, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2, Windows 10, version 22H2
    5021234 Windows 11 version 21H2
    5021235 Windows 10, version 1607, Windows Server 2016
    5021237 Windows Server 2019
    5021243 Windows 10
    5021249 Windows Server 2022
    5021255 Windows 11 version 22H2
    5021285 Windows Server 2012 (Monthly Rollup)
    5021288 Windows 7, Windows Server 2008 R2 (Security-only update)
    5021289 Windows Server 2008 (Monthly Rollup)
    5021291 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5021293 Windows Server 2008 (Security-only update)
    5021294 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5021296 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5021303 Windows Server 2012 (Security-only update)

    Released: 13 Dec 2022
    December 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  25. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    January 2023 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core
    • 3D Builder
    • Azure Service Fabric Container
    • Microsoft Bluetooth Driver
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Local Security Authority Server (lsasrv)
    • Microsoft Message Queuing
    • Microsoft Office
    • Microsoft Office SharePoint
    • Microsoft Office Visio
    • Microsoft WDAC OLE DB provider for SQL
    • Visual Studio Code
    • Windows ALPC
    • Windows Ancillary Function Driver for WinSock
    • Windows Authentication Methods
    • Windows Backup Engine
    • Windows Bind Filter Driver
    • Windows BitLocker
    • Windows Boot Manager
    • Windows Credential Manager
    • Windows Cryptographic Services
    • Windows DWM Core Library
    • Windows Error Reporting
    • Windows Event Tracing
    • Windows IKE Extension
    • Windows Installer
    • Windows Internet Key Exchange (IKE) Protocol
    • Windows iSCSI
    • Windows Kernel
    • Windows Layer 2 Tunneling Protocol
    • Windows LDAP - Lightweight Directory Access Protocol
    • Windows Local Security Authority (LSA)
    • Windows Local Session Manager (LSM)
    • Windows Malicious Software Removal Tool
    • Windows Management Instrumentation
    • Windows MSCryptDImportKey
    • Windows NTLM
    • Windows ODBC Driver
    • Windows Overlay Filter
    • Windows Point-to-Point Tunneling Protocol
    • Windows Print Spooler Components
    • Windows Remote Access Service L2TP Driver
    • Windows RPC API
    • Windows Secure Socket Tunneling Protocol (SSTP)
    • Windows Smart Card
    • Windows Task Scheduler
    • Windows Virtual Registry Provider
    • Windows Workstation Service
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    December 29, 2022 Security Update Guide Improvement – Representing Hotpatch Updates
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5022143 Microsoft Exchange Server 2016
    5022188 Microsoft Exchange Server 2013
    5022193 Microsoft Exchange Server 2019
    5022286 Windows 10, version 1809, Windows Server 2019
    5022303 Windows 11 version 22H2
    5022338 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    5022339 Windows 7, Windows Server 2008 R2 (Security-only update)
    5022340 Windows Server 2008 (Monthly Rollup)
    5022343 Windows Server 2012 (Security-only update)
    5022346 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    5022348 Windows Server 2012 (Monthly Rollup)
    5022352 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    5022353 Windows Server 2008 (Security-only update)
    Released: Jan 10, 2023
     
  26. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    February 2023 Security Updates

    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET and Visual Studio
    • .NET Framework
    • 3D Builder
    • Azure App Service
    • Azure Data Box Gateway
    • Azure DevOps
    • Azure Machine Learning
    • HoloLens
    • Internet Storage Name Service
    • Microsoft Defender for Endpoint
    • Microsoft Defender for IoT
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Exchange Server
    • Microsoft Graphics Component
    • Microsoft Office
    • Microsoft Office OneNote
    • Microsoft Office Publisher
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft PostScript Printer Driver
    • Microsoft WDAC OLE DB provider for SQL
    • Microsoft Windows Codecs Library
    • Power BI
    • SQL Server
    • Visual Studio
    • Windows Active Directory
    • Windows ALPC
    • Windows Common Log File System Driver
    • Windows Cryptographic Services
    • Windows Distributed File System (DFS)
    • Windows Fax and Scan Service
    • Windows HTTP.sys
    • Windows Installer
    • Windows iSCSI
    • Windows Kerberos
    • Windows MSHTML Platform
    • Windows ODBC Driver
    • Windows Protected EAP (PEAP)
    • Windows SChannel
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    December 29, 2022 Security Update Guide Improvement – Representing Hotpatch Updates
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5022083 Change in how WPF-based applications render XPS documents
    5022834 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
    5022840 Windows 10, version 1809, Windows Server 2019
    5022845 Windows 11 version 22H2
    5022872 Windows Server 2008 R2 (Monthly Rollup)
    5022874 Windows Server 2008 R2 (Security-only update)
    5022890 Windows Server 2008 (Monthly Rollup)
    5022893 Windows Server 2008 (Security-only update)
    5022894 Windows Server 2012 R2 (Security-only update)
    5022895 Windows Server 2012 (Security-only update)
    5022899 Windows Server 2012 R2 (Monthly Rollup)
    5022903 Windows Server 2012 (Monthly Rollup)

    Released: Feb 14, 2023
    February 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  27. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    March 2023 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • Azure
    • Client Server Run-time Subsystem (CSRSS)
    • Internet Control Message Protocol (ICMP)
    • Microsoft Bluetooth Driver
    • Microsoft Dynamics
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Office Excel
    • Microsoft Office Outlook
    • Microsoft Office SharePoint
    • Microsoft OneDrive
    • Microsoft PostScript Printer Driver
    • Microsoft Printer Drivers
    • Microsoft Windows Codecs Library
    • Office for Android
    • Remote Access Service Point-to-Point Tunneling Protocol
    • Role: DNS Server
    • Role: Windows Hyper-V
    • Service Fabric
    • Visual Studio
    • Windows Accounts Control
    • Windows Bluetooth Service
    • Windows Central Resource Manager
    • Windows Cryptographic Services
    • Windows Defender
    • Windows HTTP Protocol Stack
    • Windows HTTP.sys
    • Windows Internet Key Exchange (IKE) Protocol
    • Windows Kernel
    • Windows Partition Management Driver
    • Windows Point-to-Point Protocol over Ethernet (PPPoE)
    • Windows Remote Procedure Call
    • Windows Remote Procedure Call Runtime
    • Windows Resilient File System (ReFS)
    • Windows Secure Channel
    • Windows SmartScreen
    • Windows TPM
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    December 29, 2022 Security Update Guide Improvement – Representing Hotpatch Updates
    August 9, 2022 Security Update Guide Notification System News: Create your profile now
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002355 SharePoint Server Subscription Edition
    5002396 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
    5023702 Windows 10, version 1809, Windows Server 2019
    5023705 Windows Server 2022
    5023706 Windows 11 version 22H2
    5023752 Windows Server 2012 (Security-only update)
    5023754 Windows Server 2008 (Security-only update)
    5023755 Windows Server 2008 (Monthly Rollup)
    5023756 Windows Server 2012 (Monthly Rollup)
    5023759 Windows Server 2008 R2 (Security-only update)
    5023769 Windows Server 2008 R2 (Monthly Rollup)
    Released: Mar 14, 2023
    https://msrc.microsoft.com/update-guide/releaseNote/2023-Mar
     
  28. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    April 2023 Security Updates
    Updates this Month

    This release consists of security updates for the following products, features and roles.

    • .NET Core
    • Azure Machine Learning
    • Azure Service Connector
    • Microsoft Bluetooth Driver
    • Microsoft Defender for Endpoint
    • Microsoft Dynamics
    • Microsoft Dynamics 365 Customer Voice
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Message Queuing
    • Microsoft Office
    • Microsoft Office Publisher
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft PostScript Printer Driver
    • Microsoft Printer Drivers
    • Microsoft WDAC OLE DB provider for SQL
    • Microsoft Windows DNS
    • Visual Studio
    • Visual Studio Code
    • Windows Active Directory
    • Windows ALPC
    • Windows Ancillary Function Driver for WinSock
    • Windows Boot Manager
    • Windows Clip Service
    • Windows CNG Key Isolation Service
    • Windows Common Log File System Driver
    • Windows DHCP Server
    • Windows Enroll Engine
    • Windows Error Reporting
    • Windows Group Policy
    • Windows Internet Key Exchange (IKE) Protocol
    • Windows Kerberos
    • Windows Kernel
    • Windows Layer 2 Tunneling Protocol
    • Windows Lock Screen
    • Windows Netlogon
    • Windows Network Address Translation (NAT)
    • Windows Network File System
    • Windows Network Load Balancing
    • Windows NTLM
    • Windows PGM
    • Windows Point-to-Point Protocol over Ethernet (PPPoE)
    • Windows Point-to-Point Tunneling Protocol
    • Windows Raw Image Extension
    • Windows RDP Client
    • Windows Registry
    • Windows RPC API
    • Windows Secure Boot
    • Windows Secure Channel
    • Windows Secure Socket Tunneling Protocol (SSTP)
    • Windows Transport Security Layer (TLS)
    • Windows Win32K
    Please note the following information regarding the security updates:

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Information
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds
    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002375 SharePoint Server Subscription Edition
    5025221 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
    5025224 Windows 11 version 21H2
    5025229 Windows 10, Version 1809, Windows Server 2019
    5025230 Windows Server 2022
    5025239 Windows 11 version 22H2
    5025271 Windows Server 2008 (Monthly Rollup)
    5025273 Windows Server 2008 (Security-only update)
    5025277 Windows Server 2008 R2 (Security-only update)
    5025279 Windows Server 2008 R2 (Monthly Rollup)
    Released: Apr 11, 2023
    April 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  29. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    May 2023 Security Updates
    This release consists of the following 40 Microsoft CVEs:


    We are republising 9 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2459 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2460 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2462 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2463 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2464 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2465 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2466 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2467 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2468 Yes No No
    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5026361 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
    5026362 Windows 10, Version 1809, Windows Server 2019
    5026368 Windows 11 version 21H2
    5026370 Windows Server 2022
    5026372 Windows 11 version 22H2
    5026408 Windows Server 2008 (Monthly Rollup)
    5026413 Windows Server 2008 R2 (Monthly Rollup)
    5026426 Windows Server 2008 R2 (Security-only update)
    5026427 Windows Server 2008 (Security-only update)
    Released: May 9, 2023

    May 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  30. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    June 2023 Security Updates
    This release consists of the following 73 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Azure DevOps CVE-2023-21565
    Azure DevOps CVE-2023-21569
    .NET and Visual Studio CVE-2023-24895 7.8
    Microsoft Dynamics CVE-2023-24896 5.4
    .NET and Visual Studio CVE-2023-24897 7.8
    .NET and Visual Studio CVE-2023-24936 8.1
    Windows CryptoAPI CVE-2023-24937
    Windows CryptoAPI CVE-2023-24938 6.5
    Microsoft Exchange Server CVE-2023-28310
    .NET Framework CVE-2023-29326 7.8
    .NET Core CVE-2023-29331 7.5
    NuGet Client CVE-2023-29337 7.1
    Microsoft Edge (Chromium-based) CVE-2023-29345 6.1
    Windows NTFS CVE-2023-29346 7.8
    Windows Group Policy CVE-2023-29351 8.1
    Remote Desktop Client CVE-2023-29352 6.5 SysInternals CVE-2023-29353 5.5
    Windows DHCP Server CVE-2023-29355 5.3
    Microsoft Office SharePoint CVE-2023-29357 9.8
    Windows GDI CVE-2023-29358 7.8
    WNoindows Win32K CVE-2023-29359 7.8
    Windows TPM Device Driver CVE-2023-29360 7.8
    Windows Cloud Files Mini Filter Driver CVE-2023-29361 7.0
    Remote Desktop Client CVE-2023-29362 8.8
    Windows PGM CVE-2023-29363 9.8
    Windows Authentication Methods CVE-2023-29364 7.0
    Microsoft Windows Codecs Library CVE-2023-29365 7.8
    Windows Geolocation Service CVE-2023-29366 7.8
    Windows OLE CVE-2023-29367 7.8
    Windows Filtering CVE-2023-29368 7.0
    Windows Remote Procedure Call Runtime CVE-2023-29369 6.5
    Microsoft Windows Codecs Library CVE-2023-29370 7.8
    Windows Win32K CVE-2023-29371 7.8
    Microsoft WDAC OLE DB provider for SQL CVE-2023-29372 8.8
    Windows ODBC Driver CVE-2023-29373 8.8
    Windows Resilient File System (ReFS) CVE-2023-32008 7.8
    Windows Collaborative Translation Framework CVE-2023-32009 8.8
    Windows Bus Filter Driver CVE-2023-32010 7.0
    Windows iSCSI CVE-2023-32011 7.5
    Windows Container Manager Service CVE-2023-32012 6.3
    Windows Hyper-V CVE-2023-32013 6.5
    Windows PGM CVE-2023-32014 9.8
    Windows PGM CVE-2023-32015 9.8
    Windows Installer CVE-2023-32016 5.5
    Microsoft Printer Drivers CVE-2023-32017 7.8
    Windows Hello CVE-2023-32018 7.8
    Windows Kernel CVE-2023-32019 4.7
    Role: DNS Server CVE-2023-32020 3.7
    Windows SMB CVE-2023-32021 7.1
    Windows Server Service CVE-2023-32022 7.6
    Microsoft Power Apps CVE-2023-32024 3.0
    Microsoft Office Excel CVE-2023-32029 7.8
    .NET and Visual Studio CVE-2023-32030 7.5
    Microsoft Exchange Server CVE-2023-32031 8.8
    .NET and Visual Studio CVE-2023-32032 6.5
    .NET and Visual Studio CVE-2023-33126 7.3
    .NET and Visual Studio CVE-2023-33127 8.1
    .NET and Visual Studio CVE-2023-33128 7.3
    Microsoft Office SharePoint CVE-2023-33129 6.5
    Microsoft Office SharePoint CVE-2023-33130 7.3
    Microsoft Office Outlook CVE-2023-33131 8.8
    Microsoft Office SharePoint CVE-2023-33132 6.3
    Microsoft Office Excel CVE-2023-33133 7.8
    .NET and Visual Studio CVE-2023-33135 7.3
    Microsoft Office Excel CVE-2023-33137 7.8
    Visual Studio CVE-2023-33139 5.5 CVSS:3.1
    Microsoft Office OneNote CVE-2023-33140 6.5
    ASP .NET CVE-2023-33141 7.5 /RL:O/RC:C
    Microsoft Office SharePoint CVE-2023-33142 6.5
    Microsoft Edge (Chromium-based) CVE-2023-33143 7.5
    Visual Studio Code CVE-2023-33144 5.0
    Microsoft Edge (Chromium-based) CVE-2023-33145 6.5
    Microsoft Office CVE-2023-33146 7.8


    We are republising 22 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2929
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2930
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2931
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2932
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2933
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2934
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2935
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2936
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2937
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2938
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2939
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2940
    Chrome Microsoft Edge (Chromium-based) CVE-2023-2941
    Chrome Microsoft Edge (Chromium-based) CVE-2023-3079
    Github Visual Studio CVE-2023-25815
    Github Visual Studio CVE-2023-25652
    AutoDesk Visual Studio CVE-2023-27909
    AutoDesk Visual Studio CVE-2023-27910
    AutoDesk Visual Studio CVE-2023-27911
    Github Visual Studio CVE-2023-29007
    Github Visual Studio CVE-2023-29011
    Github Visual Studio CVE-2023-29012

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5027215 Windows 10, version 21H2 and Windows 10, version 22H2
    5027222 Windows 10, version 1809, Windows Server 2019
    5027223 Windows 11, version 21H2
    5027225 Windows Server 2022
    5027231 Windows 11, version 22H2
    5027256 Windows Server 2008 R2 (Security-only update)
    5027275 Windows Server 2008 R2 (Monthly Rollup)
    5027277 Windows Server 2008 (Security-only update)
    5027279 Windows Server 2008 (Monthly Rollup)
    Released: Jun 13, 2023
    June 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  31. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    July 2023 Security Updates
    Updates this Month

    This release consists of the following 130 CVEs and 2 Advisories:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows Certificates ADV230001
    Windows EFI Partition ADV230002
    Windows Netlogon CVE-2023-21526
    Microsoft Graphics Component CVE-2023-21756
    Windows Admin Center CVE-2023-29347
    Windows Cluster Server CVE-2023-32033
    Windows Remote Procedure Call CVE-2023-32034
    Windows Remote Procedure Call CVE-2023-32035
    Windows Layer 2 Tunneling Protocol CVE-2023-32037
    Windows ODBC Driver CVE-2023-32038
    Microsoft Printer Drivers CVE-2023-32039
    Microsoft Printer Drivers CVE-2023-32040
    Windows Update Orchestrator Service CVE-2023-32041
    Windows OLE CVE-2023-32042
    Windows Remote Desktop CVE-2023-32043
    Windows Message Queuing CVE-2023-32044
    Windows Message Queuing CVE-2023-32045
    Windows MSHTML Platform CVE-2023-32046
    Paint 3D CVE-2023-32047
    Windows SmartScreen CVE-2023-32049
    Windows Installer CVE-2023-32050
    Microsoft Windows Codecs Library CVE-2023-32051
    Microsoft Power Apps CVE-2023-32052
    Windows Installer CVE-2023-32053
    Windows Volume Shadow Copy CVE-2023-32054
    Windows Active Template Library CVE-2023-32055
    Windows Server Update Service CVE-2023-32056
    Windows Message Queuing CVE-2023-32057
    Windows Failover Cluster CVE-2023-32083
    Windows HTTP.sys CVE-2023-32084
    Microsoft Printer Drivers CVE-2023-32085
    .NET and Visual Studio CVE-2023-33127
    Microsoft Office SharePoint CVE-2023-33134
    Microsoft Office CVE-2023-33148
    Microsoft Graphics Component CVE-2023-33149
    Microsoft Office CVE-2023-33150
    Microsoft Office Outlook CVE-2023-33151
    Microsoft Office Access CVE-2023-33152
    Microsoft Office Outlook CVE-2023-33153
    Windows Partition Management Driver CVE-2023-33154
    Windows Cloud Files Mini Filter Driver CVE-2023-33155
    Windows Defender CVE-2023-33156
    Microsoft Office SharePoint CVE-2023-33157
    Microsoft Office Excel CVE-2023-33158
    Microsoft Office SharePoint CVE-2023-33159
    Microsoft Office SharePoint CVE-2023-33160
    Microsoft Office Excel CVE-2023-33161
    Microsoft Office Excel CVE-2023-33162
    Windows Network Load Balancing CVE-2023-33163
    Windows Remote Procedure Call CVE-2023-33164
    Microsoft Office SharePoint CVE-2023-33165
    Windows Remote Procedure Call CVE-2023-33166
    Windows Remote Procedure Call CVE-2023-33167
    Windows Remote Procedure Call CVE-2023-33168
    Windows Remote Procedure Call CVE-2023-33169
    ASP.NET and .NET CVE-2023-33170
    Microsoft Dynamics CVE-2023-33171
    Windows Remote Procedure Call CVE-2023-33172
    Windows Remote Procedure Call CVE-2023-33173
    Windows Cryptographic Services CVE-2023-33174
    Microsoft Printer Drivers CVE-2023-35296
    Windows PGM CVE-2023-35297
    Windows HTTP.sys CVE-2023-35298
    Windows Common Log File System Driver CVE-2023-35299
    Windows Remote Procedure Call CVE-2023-35300
    Microsoft Printer Drivers CVE-2023-35302
    Microsoft Windows Codecs Library CVE-2023-35303
    Windows Kernel CVE-2023-35304
    Windows Kernel CVE-2023-35305
    Microsoft Printer Drivers CVE-2023-35306
    Windows MSHTML Platform CVE-2023-35308
    Windows Message Queuing CVE-2023-35309
    Role: DNS Server CVE-2023-35310
    Microsoft Office Outlook CVE-2023-35311
    Windows VOLSNAP.SYS CVE-2023-35312
    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2023-35313
    Windows Remote Procedure Call CVE-2023-35314
    Windows Layer-2 Bridge Network Driver CVE-2023-35315
    Windows Remote Procedure Call CVE-2023-35316
    Windows Server Update Service CVE-2023-35317
    Windows Remote Procedure Call CVE-2023-35318
    Windows Remote Procedure Call CVE-2023-35319
    Windows Connected User Experiences and Telemetry CVE-2023-35320
    Windows Deployment Services CVE-2023-35321
    Windows Deployment Services CVE-2023-35322
    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2023-35323
    Microsoft Printer Drivers CVE-2023-35324
    Windows Print Spooler Components CVE-2023-35325
    Windows CDP User Components CVE-2023-35326
    Windows Transaction Manager CVE-2023-35328
    Windows Authentication Methods CVE-2023-35329
    Windows SPNEGO Extended Negotiation CVE-2023-35330
    Windows Local Security Authority (LSA) CVE-2023-35331
    Windows Remote Desktop CVE-2023-35332
    Microsoft Media-Wiki Extensions CVE-2023-35333
    Microsoft Dynamics CVE-2023-35335
    Windows MSHTML Platform CVE-2023-35336
    Windows Win32K CVE-2023-35337
    Windows Peer Name Resolution Protocol CVE-2023-35338
    Windows CryptoAPI CVE-2023-35339
    Windows CNG Key Isolation Service CVE-2023-35340
    Windows Media CVE-2023-35341
    Windows Image Acquisition CVE-2023-35342
    Windows Geolocation Service CVE-2023-35343
    Role: DNS Server CVE-2023-35344
    Role: DNS Server CVE-2023-35345
    Role: DNS Server CVE-2023-35346
    Windows App Store CVE-2023-35347
    Azure Active Directory CVE-2023-35348
    Windows Active Directory Certificate Services CVE-2023-35350
    Windows Active Directory Certificate Services CVE-2023-35351
    Windows Remote Desktop CVE-2023-35352
    Windows Connected User Experiences and Telemetry CVE-2023-35353
    Windows Kernel CVE-2023-35356
    Windows Kernel CVE-2023-35357
    Windows Kernel CVE-2023-35358
    Windows NT OS Kernel CVE-2023-35360
    Windows NT OS Kernel CVE-2023-35361
    Windows Clip Service CVE-2023-35362
    Windows Kernel CVE-2023-35363
    Windows NT OS Kernel CVE-2023-35364
    Windows Routing and Remote Access Service (RRAS) CVE-2023-35365
    Windows Routing and Remote Access Service (RRAS) CVE-2023-35366
    Windows Routing and Remote Access Service (RRAS) CVE-2023-35367
    Mono Authenticode CVE-2023-35373
    Paint 3D CVE-2023-35374
    Visual Studio Code CVE-2023-36867
    Service Fabric CVE-2023-36868
    Azure Active Directory CVE-2023-36871
    Microsoft Windows Codecs Library CVE-2023-36872
    Windows Error Reporting CVE-2023-36874
    Microsoft Office CVE-2023-36884

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5028166 Windows 10, version 21H2 and Windows 10, version 22H2
    5028168 Windows 10, version 1809, Windows Server 2019
    5028171 Windows Server 2022
    5028182 Windows 11, version 21H2
    5028185 Windows 11, version 22H2
    5028222 Windows Server 2008 (Monthly Rollup)
    5028224 Windows Server 2008 R2 (Security-only update)
    5028226 Windows Server 2008 (Security-only update)
    5028240 Windows Server 2008 R2 (Monthly Rollup)
    Released: Jul 11, 2023
    July 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  32. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    August 2023 Security Updates
    This release consists of the following 74 Microsoft CVEs, and 2 advisories:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Microsoft Office ADV230003
    Memory Integrity System Readiness Scan Tool ADV230004
    Microsoft Exchange Server CVE-2023-21709 9.8
    Microsoft Teams CVE-2023-29328 8.8
    Microsoft Teams CVE-2023-29330 8.8
    Windows Kernel CVE-2023-35359 7.8
    Microsoft Exchange Server CVE-2023-35368 8.8
    Microsoft Office Excel CVE-2023-35371 7.8
    Microsoft Office Visio CVE-2023-35372 7.8
    Windows Message Queuing CVE-2023-35376 6.5
    Windows Message Queuing CVE-2023-35377 6.5
    Windows Projected File System CVE-2023-35378 7.0
    Windows Reliability Analysis Metrics Calculation Engine CVE-2023-35379 7.8
    Windows Kernel CVE-2023-35380 7.8
    Windows Fax and Scan Service CVE-2023-35381 8.8
    Windows Kernel CVE-2023-35382 7.8 Exploitation More Likely Yes No No
    Windows Message Queuing CVE-2023-35383 7.5
    Windows HTML Platform CVE-2023-35384 5.4
    Windows Message Queuing CVE-2023-35385 9.8
    Windows Kernel CVE-2023-35386 7.8
    Windows Bluetooth A2DP driver CVE-2023-35387 8.8
    Microsoft Exchange Server CVE-2023-35388 8.0
    Microsoft Dynamics CVE-2023-35389 6.5
    .NET Core CVE-2023-35390 7.8
    ASP.NET and Visual Studio CVE-2023-35391 7.1
    Azure HDInsights CVE-2023-35393 4.5
    Azure HDInsights CVE-2023-35394 4.6 C
    Microsoft Office Visio CVE-2023-36865 7.8
    Microsoft Office Visio CVE-2023-36866 7.8
    Azure DevOps CVE-2023-36869 6.3
    .NET Framework CVE-2023-36873 7.4 C
    Reliability Analysis Metrics Calculation Engine CVE-2023-36876 7.1
    Azure HDInsights CVE-2023-36877 4.5
    Azure HDInsights CVE-2023-36881 4.5
    Microsoft WDAC OLE DB provider for SQL CVE-2023-36882 8.8
    Windows Group Policy CVE-2023-36889 5.5
    Microsoft Office SharePoint CVE-2023-36890 6.5
    Microsoft Office SharePoint CVE-2023-36891 8.0
    Microsoft Office SharePoint CVE-2023-36892 8.0
    Microsoft Office Outlook CVE-2023-36893 6.5
    Microsoft Office SharePoint CVE-2023-36894 6.5
    Microsoft Office Outlook CVE-2023-36895 7.8
    Microsoft Office Excel CVE-2023-36896 7.8
    Microsoft Office CVE-2023-36897 8.1
    Tablet Windows User Interface CVE-2023-36898 7.8
    ASP.NET CVE-2023-36899 7.5
    Windows Common Log File System Driver CVE-2023-36900 7.8
    Windows System Assessment Tool CVE-2023-36903 7.8
    Windows Cloud Files Mini Filter Driver CVE-2023-36904 7.8
    Windows Wireless Wide Area Network Service CVE-2023-36905 5.5
    Windows Cryptographic Services CVE-2023-36906 5.5
    Windows Cryptographic Services CVE-2023-36907 5.5
    Role: Windows Hyper-V CVE-2023-36908 5.7
    Windows Message Queuing CVE-2023-36909 6.5
    Windows Message Queuing CVE-2023-36910 9.8
    Windows Message Queuing CVE-2023-36911 9.8
    Windows Message Queuing CVE-2023-36912 7.5
    Windows Message Queuing CVE-2023-36913 6.5
    Windows Smart Card CVE-2023-36914 5.5
    Windows Kernel CVE-2023-38154 7.8
    Microsoft Edge (Chromium-based) CVE-2023-38157 6.5
    Dynamics Business Central Control CVE-2023-38167 7.2
    SQL Server CVE-2023-38169 8.8
    Microsoft Windows Codecs Library CVE-2023-38170 7.8
    Windows Message Queuing CVE-2023-38172 7.5
    Windows Defender CVE-2023-38175 7.8
    Azure Arc CVE-2023-38176 7.0
    .NET Core CVE-2023-38178 7.5
    ASP .NET CVE-2023-38180 7.5
    Microsoft Exchange Server CVE-2023-38181 8.8
    Microsoft Exchange Server CVE-2023-38182 8.0
    Windows LDAP - Lightweight Directory Access Protocol CVE-2023-38184 7.5
    Microsoft Exchange Server CVE-2023-38185 8.8
    Windows Mobile Device Management CVE-2023-38186 7.8
    Azure HDInsights CVE-2023-38188 4.5
    Windows Message Queuing CVE-2023-38254 6.5
    We are republising 12 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Advanced Micro Devices Inc. Microsoft Windows CVE-2023-20569 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4068 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4069 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4070 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4071 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4072 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4073 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4074 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4075 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4076 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4077 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4078 Yes No No
    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002398 SharePoint Enterprise Server 2016 Language Pack
    5002422 SharePoint Server 2019 Language Pack
    5002436 SharePoint Server 2019
    5002437 SharePoint Server Subscription Edition
    5002453 SharePoint Enterprise Server 2016
    5029244 Windows 10, version 21H2, Windows 10, version 22H2
    5029247 Windows 10, version 1809, Windows Server 2019
    5029250 Windows Server 2022
    5029263 Windows 11, version 22H2
    5029296 Windows Server 2008 R2 (Monthly Rollup)
    5029301 Windows Server 2008 (Security-only update)
    5029307 Windows Server 2008 R2 (Security-only update)
    5029318 Windows Server 2008 (Monthly Rollup)
    5029388 Exchange Server 2019, and 2016
    Released: 8 Aug 2023
    https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug
     
  33. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    September 2023 Security Updates
    This release consists of the following 59 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Microsoft Azure Kubernetes Service CVE-2023-29332
    Azure DevOps CVE-2023-33136
    Windows Cloud Files Mini Filter Driver CVE-2023-35355
    Microsoft Identity Linux Broker CVE-2023-36736
    3D Viewer CVE-2023-36739
    3D Viewer CVE-2023-36740
    Visual Studio Code CVE-2023-36742
    Microsoft Exchange Server CVE-2023-36744
    Microsoft Exchange Server CVE-2023-36745
    Microsoft Exchange Server CVE-2023-36756
    Microsoft Exchange Server CVE-2023-36757
    Visual Studio CVE-2023-36758
    Visual Studio CVE-2023-36759
    3D Viewer CVE-2023-36760
    Microsoft Office Word CVE-2023-36761
    Microsoft Office Word CVE-2023-36762
    Microsoft Office Outlook CVE-2023-36763
    Microsoft Office SharePoint CVE-2023-36764
    Microsoft Office CVE-2023-36765
    Microsoft Office Excel CVE-2023-36766
    Microsoft Office CVE-2023-36767
    3D Builder CVE-2023-36770
    3D Builder CVE-2023-36771
    3D Builder CVE-2023-36772
    3D Builder CVE-2023-36773
    Microsoft Exchange Server CVE-2023-36777
    .NET Framework CVE-2023-36788
    .NET and Visual Studio CVE-2023-36792
    .NET and Visual Studio CVE-2023-36793
    .NET and Visual Studio CVE-2023-36794
    .NET and Visual Studio CVE-2023-36796
    .NET Core & Visual Studio CVE-2023-36799
    Microsoft Dynamics Finance & Operations CVE-2023-36800
    Windows DHCP Server CVE-2023-36801
    Microsoft Streaming Service CVE-2023-36802
    Windows Kernel CVE-2023-36803
    Windows GDI CVE-2023-36804
    Windows Scripting CVE-2023-36805
    Microsoft Dynamics CVE-2023-36886
    Windows Kernel CVE-2023-38139
    Windows Kernel CVE-2023-38140
    Windows Kernel CVE-2023-38141
    Windows Kernel CVE-2023-38142
    Windows Common Log File System Driver CVE-2023-38143
    Windows Common Log File System Driver CVE-2023-38144
    Windows Themes CVE-2023-38146
    Microsoft Windows Codecs Library CVE-2023-38147
    Windows Internet Connection Sharing (ICS) CVE-2023-38148
    Windows TCP/IP CVE-2023-38149
    Windows Kernel CVE-2023-38150
    Windows DHCP Server CVE-2023-38152
    Azure DevOps CVE-2023-38155
    Azure HDInsights CVE-2023-38156
    Windows TCP/IP CVE-2023-38160
    Windows GDI CVE-2023-38161
    Windows DHCP Server CVE-2023-38162
    Windows Defender CVE-2023-38163
    Microsoft Dynamics CVE-2023-38164
    Microsoft Office CVE-2023-41764
    We are republising 6 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Autodesk 3D Viewer CVE-2022-41303 Yes No No
    Electron Visual Studio Code CVE-2023-39956 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4761 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4762 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4763 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2023-4764 Yes No No
    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5002472 SharePoint Server 2019 Core
    5002474 SharePoint Server Subscription Edition
    5002494 SharePoint Enterprise Server 2016
    5002501 SharePoint Enterprise Server 2016
    5030216 Windows Server 2022
    5030261 Windows Server 2008 R2 (Security-only update)
    5030265 Windows Server 2008 R2 (Monthly Rollup)
    5030271 Windows Server 2008 (Monthly Rollup)
    5030286 Windows Server 2008 (Security-only update)
    Released: Sep 12, 2023
    September 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  34. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    October 2023 Security Updates
    This release consists of the following 103 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows RDP CVE-2023-29348
    Windows Message Queuing CVE-2023-35349
    Azure SDK CVE-2023-36414
    Azure SDK CVE-2023-36415
    Microsoft Dynamics CVE-2023-36416
    SQL Server CVE-2023-36417
    Azure Real Time Operating System CVE-2023-36418
    Azure CVE-2023-36419
    SQL Server CVE-2023-36420
    Microsoft Dynamics CVE-2023-36429
    Windows Message Queuing CVE-2023-36431
    Microsoft Dynamics CVE-2023-36433
    Windows IIS CVE-2023-36434
    Microsoft QUIC CVE-2023-36435
    Windows HTML Platform CVE-2023-36436
    Windows TCP/IP CVE-2023-36438
    Windows HTML Platform CVE-2023-36557
    Azure DevOps CVE-2023-36561
    Microsoft WordPad CVE-2023-36563
    Microsoft Windows Search Component CVE-2023-36564
    Microsoft Office CVE-2023-36565
    Microsoft Common Data Model SDK CVE-2023-36566
    Windows Deployment Services CVE-2023-36567
    Microsoft Office CVE-2023-36568
    Microsoft Office CVE-2023-36569
    Windows Message Queuing CVE-2023-36570
    Windows Message Queuing CVE-2023-36571
    Windows Message Queuing CVE-2023-36572
    Windows Message Queuing CVE-2023-36573
    Windows Message Queuing CVE-2023-36574
    Windows Message Queuing CVE-2023-36575
    Windows Kernel CVE-2023-36576
    Microsoft WDAC OLE DB provider for SQL CVE-2023-36577
    Windows Message Queuing CVE-2023-36578
    Windows Message Queuing CVE-2023-36579
    Windows Message Queuing CVE-2023-36581
    Windows Message Queuing CVE-2023-36582
    Windows Message Queuing CVE-2023-36583
    Windows Mark of the Web (MOTW) CVE-2023-36584
    Windows Active Template Library CVE-2023-36585
    Windows Message Queuing CVE-2023-36589
    Windows Message Queuing CVE-2023-36590
    Windows Message Queuing CVE-2023-36591
    Windows Message Queuing CVE-2023-36592
    Windows Message Queuing CVE-2023-36593
    Microsoft Graphics Component CVE-2023-36594
    Windows Remote Procedure Call CVE-2023-36596
    SQL Server CVE-2023-36598
    Windows TCP/IP CVE-2023-36602
    Windows TCP/IP CVE-2023-36603
    Windows Named Pipe File System CVE-2023-36605
    Windows Message Queuing CVE-2023-36606
    Windows Message Queuing CVE-2023-36697
    Windows Kernel CVE-2023-36698
    Windows Resilient File System (ReFS) CVE-2023-36701
    Windows Microsoft DirectMusic CVE-2023-36702
    Windows DHCP Server CVE-2023-36703
    Windows Setup Files Cleanup CVE-2023-36704
    Windows Deployment Services CVE-2023-36706
    Windows Deployment Services CVE-2023-36707
    Windows AllJoyn API CVE-2023-36709
    Microsoft Windows Media Foundation CVE-2023-36710
    Windows Runtime C++ Template Library CVE-2023-36711
    Windows Kernel CVE-2023-36712
    Windows Common Log File System Driver CVE-2023-36713
    Windows TPM CVE-2023-36717
    Windows Virtual Trusted Platform Module CVE-2023-36718
    Windows Mixed Reality Developer Tools CVE-2023-36720
    Windows Error Reporting CVE-2023-36721
    Active Directory Domain Services CVE-2023-36722
    Windows Container Manager Service CVE-2023-36723
    Windows Power Management Service CVE-2023-36724
    Windows NT OS Kernel CVE-2023-36725
    Windows IKE Extension CVE-2023-36726
    SQL Server CVE-2023-36728
    Windows Named Pipe File System CVE-2023-36729
    SQL Server CVE-2023-36730
    Windows Win32K CVE-2023-36731
    Windows Win32K CVE-2023-36732
    Azure CVE-2023-36737 7
    Windows Win32K CVE-2023-36743
    Windows Win32K CVE-2023-36776
    Microsoft Exchange Server CVE-2023-36778
    Skype for Business CVE-2023-36780
    SQL Server CVE-2023-36785
    Skype for Business CVE-2023-36786
    Skype for Business CVE-2023-36789
    Windows RDP CVE-2023-36790
    Windows Client/Server Runtime Subsystem CVE-2023-36902
    Microsoft Graphics Component CVE-2023-38159
    Windows Layer 2 Tunneling Protocol CVE-2023-38166
    Microsoft QUIC CVE-2023-38171
    Skype for Business CVE-2023-41763
    Windows Layer 2 Tunneling Protocol CVE-2023-41765
    Client Server Run-time Subsystem (CSRSS) CVE-2023-41766
    Windows Layer 2 Tunneling Protocol CVE-2023-41767
    Windows Layer 2 Tunneling Protocol CVE-2023-41768
    Windows Layer 2 Tunneling Protocol CVE-2023-41769
    Windows Layer 2 Tunneling Protocol CVE-2023-41770
    Windows Layer 2 Tunneling Protocol CVE-2023-41771
    Windows Win32K CVE-2023-41772
    Windows Layer 2 Tunneling Protocol CVE-2023-41773
    Windows Layer 2 Tunneling Protocol CVE-2023-41774
    We are republising 2 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    MITRE Corporation HTTP/2 CVE-2023-44487
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5346
    Security Update Guide Blog Posts
    Date Blog Post
    October 12, 2022 Improvements in Security Update Notifications Delivery - And a New Delivery Method
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5031364 Windows Server 2022
    5031408 Windows Server 2008 R2 (Monthly Rollup)
    5031411 Windows Server 2008 (Security-only update)
    5031416 Windows Server 2008 (Monthly Rollup)
    5031441 Windows Server 2008 R2 (Security-only update)
    Released: Oct 10, 2023
    October 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  35. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    November 2023 Security Updates
    This release consists of the following 63 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    Microsoft Dynamics CVE-2023-36007
    Microsoft Edge (Chromium-based) CVE-2023-36014
    Microsoft Dynamics CVE-2023-36016
    Windows Scripting CVE-2023-36017
    Visual Studio Code CVE-2023-36018
    Azure CVE-2023-36021
    Microsoft Edge (Chromium-based) CVE-2023-36022
    Microsoft Edge (Chromium-based) CVE-2023-36024
    Windows SmartScreen CVE-2023-36025
    Microsoft Edge (Chromium-based) CVE-2023-36027
    Windows Protected EAP (PEAP) CVE-2023-36028
    Microsoft Edge (Chromium-based) CVE-2023-36029
    Microsoft Dynamics 365 Sales CVE-2023-36030
    Microsoft Dynamics CVE-2023-36031
    Windows DWM Core Library CVE-2023-36033
    Microsoft Edge (Chromium-based) CVE-2023-36034
    Microsoft Exchange Server CVE-2023-36035
    Windows Cloud Files Mini Filter Driver CVE-2023-36036
    Microsoft Office Excel CVE-2023-36037
    ASP.NET CVE-2023-36038
    Microsoft Exchange Server CVE-2023-36039
    Microsoft Office Excel CVE-2023-36041
    Visual Studio CVE-2023-36042
    Open Management Infrastructure CVE-2023-36043
    Microsoft Office CVE-2023-36045
    Windows Authentication Methods CVE-2023-36046
    Windows Authentication Methods CVE-2023-36047
    .NET Framework CVE-2023-36049
    Microsoft Exchange Server CVE-2023-36050
    Azure CVE-2023-36052
    Windows DHCP Server CVE-2023-36392
    Tablet Windows User Interface CVE-2023-36393
    Microsoft Windows Search Component CVE-2023-36394
    Windows Deployment Services CVE-2023-36395
    Windows Compressed Folder CVE-2023-36396
    Windows Internet Connection Sharing (ICS) CVE-2023-36397
    Windows NTFS CVE-2023-36398
    Windows Storage CVE-2023-36399
    Windows HMAC Key Derivation CVE-2023-36400
    Microsoft Remote Registry Service CVE-2023-36401
    Microsoft WDAC OLE DB provider for SQL CVE-2023-36402
    Windows Kernel CVE-2023-36403
    Windows Kernel CVE-2023-36404
    Windows Kernel CVE-2023-36405
    Windows Hyper-V CVE-2023-36406
    Windows Hyper-V CVE-2023-36407
    Windows Hyper-V CVE-2023-36408
    Microsoft Dynamics CVE-2023-36410
    Microsoft Office CVE-2023-36413
    Windows Defender CVE-2023-36422
    Microsoft Remote Registry Service CVE-2023-36423
    Windows Common Log File System Driver CVE-2023-36424
    Windows Distributed File System (DFS) CVE-2023-36425
    Windows Hyper-V CVE-2023-36427
    Windows Authentication Methods CVE-2023-36428
    Azure DevOps CVE-2023-36437
    Microsoft Exchange Server CVE-2023-36439
    ASP.NET CVE-2023-36558
    ASP.NET CVE-2023-36560
    Windows Installer CVE-2023-36705
    Microsoft Windows Speech CVE-2023-36719
    Azure CVE-2023-38151
    Microsoft Office SharePoint CVE-2023-38177

    We are republishing 15 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Mitre Microsoft Bluetooth Driver CVE-2023-24023
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5480
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5482
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5849
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5850
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5851
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5852
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5853
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5854
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5855
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5856
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5857
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5858
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5859
    Chrome Microsoft Edge (Chromium-based) CVE-2023-5996

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5032189 Windows 10, version 21H2, Windows 10, version 22H2
    5032190 Windows 11, version 22H2
    5032192 Windows 11, version 21H2
    5032196 Windows 10, version 1809, Windows Server 2019
    5032248 Windows Server 2008 (Security-only update)
    5032250 Windows Server 2008 R2 (Security-only update)
    5032252 Windows Server 2008 R2 (Monthly Rollup)
    5032254 Windows Server 2008 (Monthly Rollup)
    Released: Nov 14, 2023
    November 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  36. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    December 2023 Security Updates
    This release consists of the following 36 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows Media CVE-2023-21740
    Microsoft Edge (Chromium-based) CVE-2023-35618
    Microsoft Office Outlook CVE-2023-35619
    Microsoft Dynamics CVE-2023-35621
    Microsoft Windows DNS CVE-2023-35622
    Azure Connected Machine Agent CVE-2023-35624
    Azure Machine Learning CVE-2023-35625
    Windows MSHTML Platform CVE-2023-35628
    Windows USB Mass Storage Class Driver CVE-2023-35629
    Windows Internet Connection Sharing (ICS) CVE-2023-35630
    Windows Win32K CVE-2023-35631
    Windows Internet Connection Sharing (ICS) CVE-2023-35632
    Windows Kernel CVE-2023-35633
    Microsoft Bluetooth Driver CVE-2023-35634
    Windows Kernel CVE-2023-35635
    Microsoft Office Outlook CVE-2023-35636
    Windows DHCP Server CVE-2023-35638
    Windows ODBC Driver CVE-2023-35639
    Windows Internet Connection Sharing (ICS) CVE-2023-35641
    Windows Internet Connection Sharing (ICS) CVE-2023-35642
    Windows DHCP Server CVE-2023-35643
    Windows Kernel-Mode Drivers CVE-2023-35644
    XAML Diagnostics CVE-2023-36003
    Windows DPAPI (Data Protection Application Programming Interface) CVE-2023-36004
    Windows Telephony Server CVE-2023-36005
    Microsoft WDAC OLE DB provider for SQL CVE-2023-36006
    Microsoft Office Word CVE-2023-36009
    Windows Defender CVE-2023-36010
    Windows Win32K CVE-2023-36011
    Windows DHCP Server CVE-2023-36012
    Microsoft Power Platform Connector CVE-2023-36019
    Microsoft Dynamics CVE-2023-36020
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2023-36391
    Windows Cloud Files Mini Filter Driver CVE-2023-36696
    Microsoft Edge (Chromium-based) CVE-2023-36880
    Microsoft Edge (Chromium-based) CVE-2023-38174
    We are republishing 6 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Chrome Microsoft Edge (Chromium-based) CVE-2023-6508
    Chrome Microsoft Edge (Chromium-based) CVE-2023-6509
    Chrome Microsoft Edge (Chromium-based) CVE-2023-6510
    Chrome Microsoft Edge (Chromium-based) CVE-2023-6511
    Chrome Microsoft Edge (Chromium-based) CVE-2023-6512
    AMD Chipsets CVE-2023-20588 Yes No No
    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5033369 Windows 11, version 21H2
    5033371 Windows 10, version 1809, Windows Server 2019
    5033372 Windows 10, version 21H2, Windows 10, version 22H2
    5033375 Windows 11, version 22H2, Windows 11, version 23H2
    5033422 Windows Server 2008 (Monthly Rollup)
    5033424 Windows Server 2008 R2 (Security-only update)
    5033427 Windows Server 2008 (Security-only update)
    5033433 Windows Server 2008 R2 (Monthly Rollup)
    Released: Dec 12, 2023
    December 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  37. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    January 2024 Security Updates



    This release consists of the following 48 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    SQL Server CVE-2024-0056

    .NET and Visual Studio CVE-2024-0057

    Windows Scripting CVE-2024-20652

    Windows Common Log File System Driver CVE-2024-20653

    Windows ODBC Driver CVE-2024-20654

    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20655

    Visual Studio CVE-2024-20656

    Windows Group Policy CVE-2024-20657

    Microsoft Virtual Hard Drive CVE-2024-20658

    Windows Message Queuing CVE-2024-20660

    Windows Message Queuing CVE-2024-20661

    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20662

    Windows Message Queuing CVE-2024-20663

    Windows Message Queuing CVE-2024-20664

    Windows BitLocker CVE-2024-20666

    .NET Core & Visual Studio CVE-2024-20672

    Windows Authentication Methods CVE-2024-20674

    Azure Storage Mover CVE-2024-20676

    Microsoft Office CVE-2024-20677

    Windows Message Queuing CVE-2024-20680

    Windows Subsystem for Linux CVE-2024-20681

    Windows Cryptographic Services CVE-2024-20682

    Windows Win32K CVE-2024-20683

    Windows Win32 Kernel Subsystem CVE-2024-20686

    Windows AllJoyn API CVE-2024-20687

    Windows Nearby Sharing CVE-2024-20690

    Windows Themes CVE-2024-20691

    Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-20692

    Windows Collaborative Translation Framework CVE-2024-20694

    Windows Libarchive CVE-2024-20696

    Windows Libarchive CVE-2024-20697

    Windows Kernel CVE-2024-20698

    Windows Hyper-V CVE-2024-20699

    Windows Hyper-V CVE-2024-20700

    Unified Extensible Firmware Interface CVE-2024-21305

    Microsoft Bluetooth Driver CVE-2024-21306

    Remote Desktop Client CVE-2024-21307

    Windows Kernel-Mode Drivers CVE-2024-21309

    Windows Cloud Files Mini Filter Driver CVE-2024-21310

    Windows Cryptographic Services CVE-2024-21311

    .NET Framework CVE-2024-21312

    Windows TCP/IP CVE-2024-21313

    Windows Message Queuing CVE-2024-21314

    Windows Server Key Distribution Service CVE-2024-21316

    Microsoft Office SharePoint CVE-2024-21318

    Microsoft Identity Services CVE-2024-21319

    Windows Themes CVE-2024-21320

    Microsoft Devices CVE-2024-21325



    We are republishing 5 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    MITRE Corporation SQLite CVE-2022-35737

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0222

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0223

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0224

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0225



    Security Update Guide Blog Posts

    Date Blog Post

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    nstalls KB Article Title

    5034121 Windows 11, version 21H2

    5034122 Windows 10, version 21H2, Windows 10, version 22H2

    5034123 Windows 11, version 22H2, Windows 11, version 23H2

    5034127 Windows 10, version 1809, Windows Server 2019

    5034167 Windows Server 2008 R2 (Security-only update)

    5034169 Windows Server 2008 R2 (Monthly Rollup)

    5034173 Windows Server 2008 (Monthly Rollup)

    5034176 Windows Server 2008 (Security-only update)


    Released: Jan 9, 2024

    January 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  38. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member


    February 2024 Security Updates
    This release consists of the following 73 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    Azure DevOps CVE-2024-20667
    Microsoft Office CVE-2024-20673
    Azure Stack CVE-2024-20679
    Windows Hyper-V CVE-2024-20684
    Skype for Business CVE-2024-20695
    Trusted Compute Base CVE-2024-21304
    Microsoft Defender for Endpoint CVE-2024-21315
    Microsoft Dynamics CVE-2024-21327
    Microsoft Dynamics CVE-2024-21328
    Azure Connected Machine Agent CVE-2024-21329
    Windows Kernel CVE-2024-21338
    Windows USB Serial Driver CVE-2024-21339
    Windows Kernel CVE-2024-21340
    Windows Kernel CVE-2024-21341
    Role: DNS Server CVE-2024-21342
    Windows Internet Connection Sharing (ICS) CVE-2024-21343
    Windows Internet Connection Sharing (ICS) CVE-2024-21344
    Windows Kernel CVE-2024-21345
    Windows Win32K - ICOMP CVE-2024-21346
    SQL Server CVE-2024-21347
    Windows Internet Connection Sharing (ICS) CVE-2024-21348
    Microsoft ActiveX CVE-2024-21349
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21350
    Windows SmartScreen CVE-2024-21351
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21352
    Microsoft WDAC ODBC Driver CVE-2024-21353
    Windows Message Queuing CVE-2024-21354
    Windows Message Queuing CVE-2024-21355
    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-21356
    Windows Internet Connection Sharing (ICS) CVE-2024-21357
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21358
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21359
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21360
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21361
    Windows Kernel CVE-2024-21362
    Windows Message Queuing CVE-2024-21363
    Azure Site Recovery CVE-2024-21364
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21365
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21366
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21367
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21368
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21369
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21370
    Windows Kernel CVE-2024-21371
    Windows OLE CVE-2024-21372
    Microsoft Teams for Android CVE-2024-21374
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21375
    Microsoft Azure Kubernetes Service CVE-2024-21376
    Microsoft Windows DNS CVE-2024-21377
    Microsoft Office Outlook CVE-2024-21378
    Microsoft Office Word CVE-2024-21379
    Microsoft Dynamics CVE-2024-21380
    Azure Active Directory CVE-2024-21381
    Microsoft Office OneNote CVE-2024-21384
    .NET CVE-2024-21386
    Microsoft Dynamics CVE-2024-21389
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21391
    Microsoft Dynamics CVE-2024-21393
    Microsoft Dynamics CVE-2024-21394
    Microsoft Dynamics CVE-2024-21395
    Microsoft Dynamics CVE-2024-21396
    Azure File Sync CVE-2024-21397
    Microsoft Edge (Chromium-based) CVE-2024-21399
    Azure Active Directory CVE-2024-21401
    Microsoft Office Outlook CVE-2024-21402
    Microsoft Azure Kubernetes Service CVE-2024-21403
    .NET CVE-2024-21404
    Windows Message Queuing CVE-2024-21405
    Microsoft Windows CVE-2024-21406
    Microsoft Exchange Server CVE-2024-21410
    Internet Shortcut Files CVE-2024-21412
    Microsoft Office CVE-2024-21413
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21420

    We are republising 6 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    MITRE Role: DNS Server CVE-2023-50387 No No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-1059 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-1060 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-1077 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-1283 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-1284 Yes No No

    Security Update Guide Blog Posts
    Date Blog Post
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5034763 Windows 10, version 21H2, Windows 10, version 22H2
    5034770 Windows Server 2022
    5034795 Windows Server 2008 (Monthly Rollup)
    5034833 Windows Server 2008 R2 (Security-only update)
    5035606 Exchange Server 2019
    Released: Feb 13, 2024
    February 2024 Security Updates - Release Notes - Security Update Guide - Microsoft

     
  39. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    March 2024 Security Updates
    This release consists of the following 61 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows Defender CVE-2024-20671

    Open Management Infrastructure CVE-2024-21330
    Open Management Infrastructure CVE-2024-21334
    Microsoft Authenticator CVE-2024-21390
    .NET CVE-2024-21392
    Microsoft Azure Kubernetes Service CVE-2024-21400
    Role: Windows Hyper-V CVE-2024-21407
    Role: Windows Hyper-V CVE-2024-21408
    Skype for Consumer CVE-2024-21411
    Software for Open Networking in the Cloud (SONiC) CVE-2024-21418
    Microsoft Dynamics CVE-2024-21419
    Azure SDK CVE-2024-21421
    Microsoft Office SharePoint CVE-2024-21426
    Windows Kerberos CVE-2024-21427
    Windows USB Hub Driver CVE-2024-21429
    Windows USB Serial Driver CVE-2024-21430
    Windows Hypervisor-Protected Code Integrity CVE-2024-21431
    Windows Update Stack CVE-2024-21432
    Windows Print Spooler Components CVE-2024-21433
    Microsoft Windows SCSI Class System File CVE-2024-21434
    Windows OLE CVE-2024-21435
    Windows Installer CVE-2024-21436
    Microsoft Graphics Component CVE-2024-21437
    Windows AllJoyn API CVE-2024-21438
    Windows Telephony Server CVE-2024-21439
    Windows ODBC Driver CVE-2024-21440
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21441
    Windows USB Print Driver CVE-2024-21442
    Windows Kernel CVE-2024-21443
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21444
    Windows USB Print Driver CVE-2024-21445
    Windows NTFS CVE-2024-21446
    Microsoft Teams for Android CVE-2024-21448
    Microsoft WDAC OLE DB provider for SQL CVE-2024-21450
    Microsoft WDAC ODBC Driver CVE-2024-21451
    Windows ODBC Driver CVE-2024-26159
    Windows Cloud Files Mini Filter Driver CVE-2024-26160
    Microsoft WDAC OLE DB provider for SQL CVE-2024-26161
    Windows ODBC Driver CVE-2024-26162
    SQL Server CVE-2024-26164
    Visual Studio Code CVE-2024-26165
    Microsoft WDAC OLE DB provider for SQL CVE-2024-26166
    Microsoft Edge for Android CVE-2024-26167
    Windows Error Reporting CVE-2024-26169
    Windows Composite Image File System CVE-2024-26170
    Windows Kernel CVE-2024-26173
    Windows Kernel CVE-2024-26174
    Windows Kernel CVE-2024-26176
    Windows Kernel CVE-2024-26177
    Windows Kernel CVE-2024-26178
    Windows Kernel CVE-2024-26181
    Windows Kernel CVE-2024-26182
    Windows Compressed Folder CVE-2024-26185
    Microsoft QUIC CVE-2024-26190
    Windows Standards-Based Storage Management Service CVE-2024-26197
    Microsoft Exchange Server CVE-2024-26198
    Microsoft Office CVE-2024-26199
    Microsoft Intune CVE-2024-26201
    Azure Data Studio CVE-2024-26203
    Outlook for Android CVE-2024-26204

    We are republising 4 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Intel Corporation Intel CVE-2023-28746

    Chrome Microsoft Edge (Chromium-based) CVE-2024-2173
    Chrome Microsoft Edge (Chromium-based) CVE-2024-2174
    Chrome Microsoft Edge (Chromium-based) CVE-2024-2176

    Security Update Guide Blog Posts
    Date Blog Post
    February 15, 2024 New Security Advisory Tab Added to the Microsoft Security Update Guide

    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


    KB Article Applies To
    5035845 Windows 10, version 21H2, Windows 10, version 22H2

    5035920 Windows Server 2008 (Monthly Rollup)
    5035933 Windows Server 2008 (Security-only update)
    5036386 Exchange Server 2016
    5036401 Exchange Server 2019 Cumulative Update 14
    5036402 Exchange Server 2019 Cumulative Update 13
    Released: Mar 12, 2024
    March 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  40. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    This release consists of the following 149 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows BitLocker CVE-2024-20665
    Windows Secure Boot CVE-2024-20669
    Microsoft Office Outlook CVE-2024-20670
    Azure Private 5G Core CVE-2024-20685
    Windows Secure Boot CVE-2024-20688
    Windows Secure Boot CVE-2024-20689
    Windows Kernel CVE-2024-20693
    Microsoft Defender for IoT CVE-2024-21322
    Microsoft Defender for IoT CVE-2024-21323
    Microsoft Defender for IoT CVE-2024-21324
    .NET and Visual Studio CVE-2024-21409
    Azure Compute Gallery CVE-2024-21424
    Windows Authentication Methods CVE-2024-21447
    Microsoft Install Service CVE-2024-26158
    Windows Secure Boot CVE-2024-26168
    Windows Secure Boot CVE-2024-26171
    Windows DWM Core Library CVE-2024-26172
    Windows Secure Boot CVE-2024-26175
    Windows Routing and Remote Access Service (RRAS) CVE-2024-26179
    Windows Secure Boot CVE-2024-26180
    Windows Kerberos CVE-2024-26183
    Windows Secure Boot CVE-2024-26189
    Azure Migrate CVE-2024-26193
    Windows Secure Boot CVE-2024-26194
    Windows DHCP Server CVE-2024-26195
    Windows Routing and Remote Access Service (RRAS) CVE-2024-26200
    Windows DHCP Server CVE-2024-26202
    Windows Routing and Remote Access Service (RRAS) CVE-2024-26205
    Windows Remote Access Connection Manager CVE-2024-26207
    Windows Message Queuing CVE-2024-26208
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-26209
    Microsoft WDAC OLE DB provider for SQL CVE-2024-26210
    Windows Remote Access Connection Manager CVE-2024-26211
    Windows DHCP Server CVE-2024-26212
    Microsoft Brokering File System CVE-2024-26213
    Microsoft WDAC ODBC Driver CVE-2024-26214
    Windows DHCP Server CVE-2024-26215
    Windows File Server Resource Management Service CVE-2024-26216
    Windows Remote Access Connection Manager CVE-2024-26217
    Windows Kernel CVE-2024-26218
    Windows HTTP.sys CVE-2024-26219
    Windows Mobile Hotspot CVE-2024-26220
    Role: DNS Server CVE-2024-26221
    Role: DNS Server CVE-2024-26222
    Role: DNS Server CVE-2024-26223
    Role: DNS Server CVE-2024-26224
    Windows Distributed File System (DFS) CVE-2024-26226
    Role: DNS Server CVE-2024-26227
    Windows Cryptographic Services CVE-2024-26228
    Windows Kernel CVE-2024-26229
    Windows Remote Access Connection Manager CVE-2024-26230
    Role: DNS Server CVE-2024-26231
    Windows Message Queuing CVE-2024-26232
    Role: DNS Server CVE-2024-26233
    Windows Proxy Driver CVE-2024-26234
    Windows Update Stack CVE-2024-26235
    Windows Update Stack CVE-2024-26236
    Windows Defender Credential Guard CVE-2024-26237
    Windows Remote Access Connection Manager CVE-2024-26239
    Windows Secure Boot CVE-2024-26240
    Windows Win32K - ICOMP CVE-2024-26241
    Windows Telephony Server CVE-2024-26242
    Windows USB Print Driver CVE-2024-26243
    Microsoft WDAC OLE DB provider for SQL CVE-2024-26244
    Windows Kernel CVE-2024-26245
    Windows Kerberos CVE-2024-26248
    Windows Secure Boot CVE-2024-26250
    Microsoft Office SharePoint CVE-2024-26251
    Windows Internet Connection Sharing (ICS) CVE-2024-26252
    Windows Internet Connection Sharing (ICS) CVE-2024-26253
    Windows Virtual Machine Bus CVE-2024-26254
    Windows Remote Access Connection Manager CVE-2024-26255
    Windows Compressed Folder CVE-2024-26256
    Microsoft Office Excel CVE-2024-26257
    Windows Secure Boot CVE-2024-28896
    Windows Secure Boot CVE-2024-28897
    Windows Secure Boot CVE-2024-28898
    Windows Remote Access Connection Manager CVE-2024-28900
    Windows Remote Access Connection Manager CVE-2024-28901
    Windows Remote Access Connection Manager CVE-2024-28902
    Windows Secure Boot CVE-2024-28903
    Microsoft Brokering File System CVE-2024-28904
    Microsoft Brokering File System CVE-2024-28905
    SQL Server CVE-2024-28906
    Microsoft Brokering File System CVE-2024-28907
    SQL Server CVE-2024-28908
    SQL Server CVE-2024-28909
    SQL Server CVE-2024-28910
    SQL Server CVE-2024-28911
    SQL Server CVE-2024-28912
    SQL Server CVE-2024-28913
    SQL Server CVE-2024-28914
    SQL Server CVE-2024-28915
    Azure Arc CVE-2024-28917
    Windows Secure Boot CVE-2024-28919
    Windows Secure Boot CVE-2024-28920
    Windows Secure Boot CVE-2024-28921
    Windows Secure Boot CVE-2024-28922
    Windows Secure Boot CVE-2024-28923
    Windows Secure Boot CVE-2024-28924
    Windows Secure Boot CVE-2024-28925
    SQL Server CVE-2024-28926
    SQL Server CVE-2024-28927
    SQL Server CVE-2024-28929
    SQL Server CVE-2024-28930
    SQL Server CVE-2024-28931
    SQL Server CVE-2024-28932
    SQL Server CVE-2024-28933
    SQL Server CVE-2024-28934
    SQL Server CVE-2024-28935
    SQL Server CVE-2024-28936
    SQL Server CVE-2024-28937
    SQL Server CVE-2024-28938
    SQL Server CVE-2024-28939
    SQL Server CVE-2024-28940
    SQL Server CVE-2024-28941
    SQL Server CVE-2024-28942
    SQL Server CVE-2024-28943
    SQL Server CVE-2024-28944
    SQL Server CVE-2024-28945
    SQL Server CVE-2024-29043
    SQL Server CVE-2024-29044
    SQL Server CVE-2024-29045
    SQL Server CVE-2024-29046
    SQL Server CVE-2024-29047
    SQL Server CVE-2024-29048
    Microsoft Edge (Chromium-based) CVE-2024-29049
    Windows Cryptographic Services CVE-2024-29050
    Windows Storage CVE-2024-29052
    Microsoft Defender for IoT CVE-2024-29053
    Microsoft Defender for IoT CVE-2024-29054
    Microsoft Defender for IoT CVE-2024-29055
    Windows Authentication Methods CVE-2024-29056
    Windows Secure Boot CVE-2024-29061
    Windows Secure Boot CVE-2024-29062
    Azure AI Search CVE-2024-29063
    Role: Windows Hyper-V CVE-2024-29064
    Windows Distributed File System (DFS) CVE-2024-29066
    Microsoft Edge (Chromium-based) CVE-2024-29981
    SQL Server CVE-2024-29982
    SQL Server CVE-2024-29983
    SQL Server CVE-2024-29984
    SQL Server CVE-2024-29985
    Internet Shortcut Files CVE-2024-29988
    Azure Monitor CVE-2024-29989
    Microsoft Azure Kubernetes Service CVE-2024-29990
    Azure SDK CVE-2024-29992
    Azure CVE-2024-29993

    We are republising 6 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Intel Corporation Intel CVE-2024-2201
    Lenovo Windows Secure Boot CVE-2024-23593
    Lenovo Windows Secure Boot CVE-2024-23594
    Chrome Microsoft Edge (Chromium-based) CVE-2024-3156
    Chrome Microsoft Edge (Chromium-based) CVE-2024-3158
    Chrome Microsoft Edge (Chromium-based) CVE-2024-3159

    Security Update Guide Blog Posts
    Date Blog Post
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources



      • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
      • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
      • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
      • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5036892 Windows 10, version 21H2, Windows 10, version 22H2
    5036932 Windows Server 2008 (Monthly Rollup)
    5036950 Windows Server 2008 (Security-only update)
    Released: Apr 9, 2024

    April 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    Last edited: Apr 10, 2024
  41. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    May 2024 Security Updates


    This release consists of the following 60 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows Task Scheduler CVE-2024-26238
    Microsoft Windows SCSI Class System File CVE-2024-29994
    Windows Common Log File System Driver CVE-2024-29996
    Windows Mobile Broadband CVE-2024-29997
    Windows Mobile Broadband CVE-2024-29998
    Windows Mobile Broadband CVE-2024-29999
    Windows Mobile Broadband CVE-2024-30000
    Windows Mobile Broadband CVE-2024-30001
    Windows Mobile Broadband CVE-2024-30002
    Windows Mobile Broadband CVE-2024-30003
    Windows Mobile Broadband CVE-2024-30004
    Windows Mobile Broadband CVE-2024-30005
    Microsoft WDAC OLE DB provider for SQL CVE-2024-30006
    Microsoft Brokering File System CVE-2024-30007
    Windows DWM Core Library CVE-2024-30008
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30009
    Windows Hyper-V CVE-2024-30010
    Windows Hyper-V CVE-2024-30011
    Windows Mobile Broadband CVE-2024-30012
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30014
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30015
    Windows Cryptographic Services CVE-2024-30016
    Windows Hyper-V CVE-2024-30017
    Windows Kernel CVE-2024-30018
    Windows DHCP Server CVE-2024-30019
    Windows Cryptographic Services CVE-2024-30020
    Windows Mobile Broadband CVE-2024-30021
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30022
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30023
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30024
    Windows Common Log File System Driver CVE-2024-30025
    Windows NTFS CVE-2024-30027
    Windows Win32K - ICOMP CVE-2024-30028
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30029
    Windows Win32K - GRFX CVE-2024-30030
    Windows CNG Key Isolation Service CVE-2024-30031
    Windows DWM Core Library CVE-2024-30032
    Microsoft Windows Search Component CVE-2024-30033
    Windows Cloud Files Mini Filter Driver CVE-2024-30034
    Windows DWM Core Library CVE-2024-30035
    Windows Deployment Services CVE-2024-30036
    Windows Common Log File System Driver CVE-2024-30037
    Windows Win32K - ICOMP CVE-2024-30038
    Windows Remote Access Connection Manager CVE-2024-30039
    Windows MSHTML Platform CVE-2024-30040
    Microsoft Bing CVE-2024-30041
    Microsoft Office Excel CVE-2024-30042
    Microsoft Office SharePoint CVE-2024-30043
    Microsoft Office SharePoint CVE-2024-30044
    .NET and Visual Studio CVE-2024-30045
    Visual Studio CVE-2024-30046
    Microsoft Dynamics 365 Customer Insights CVE-2024-30047
    Microsoft Dynamics 365 Customer Insights CVE-2024-30048
    Windows Win32K - ICOMP CVE-2024-30049
    Windows Mark of the Web (MOTW) CVE-2024-30050
    Windows DWM Core Library CVE-2024-30051
    Azure Migrate CVE-2024-30053
    Power BI CVE-2024-30054 6.5
    Microsoft Edge (Chromium-based) CVE-2024-30055
    Microsoft Intune CVE-2024-30059

    We are republishing 7 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Github Visual Studio CVE-2024-32002 Yes No No
    Github Visual Studio CVE-2024-32004 Yes No No
    Chrome Microsoft Edge (Chromium-based) CVE-2024-4331
    Chrome Microsoft Edge (Chromium-based) CVE-2024-4368
    Chrome Microsoft Edge (Chromium-based) CVE-2024-4558
    Chrome Microsoft Edge (Chromium-based) CVE-2024-4559
    Chrome Microsoft Edge (Chromium-based) CVE-2024-4671

    Security Update Guide Blog Posts
    Date Blog Post
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5037768 Windows 10, version 21H2, Windows 10, version 22H2
    5037770 Windows 11, version 21H2
    5037771 Windows 11, version 22H2, Windows 11, version 23H2
    5037782 Windows Server 2022
    5037800 Windows Server 2008 (Monthly Rollup)
    5037836 Windows Server 2008 (Security-only update)

    Released: May 14, 2024
    May 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  42. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    June 2024 Security Updates


    This release consists of the following 49 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    Visual Studio CVE-2024-29060
    Visual Studio CVE-2024-30052
    Windows Server Service CVE-2024-30062
    Windows Distributed File System (DFS) CVE-2024-30063
    Windows Kernel CVE-2024-30064
    Windows Themes CVE-2024-30065
    Winlogon CVE-2024-30066
    Winlogon CVE-2024-30067
    Windows Kernel CVE-2024-30068
    Windows Remote Access Connection Manager CVE-2024-30069
    Windows DHCP Server CVE-2024-30070
    Windows Event Logging Service CVE-2024-30072
    Windows Link Layer Topology Discovery Protocol CVE-2024-30074
    Windows Link Layer Topology Discovery Protocol CVE-2024-30075
    Windows Container Manager Service CVE-2024-30076
    Microsoft WDAC OLE DB provider for SQL CVE-2024-30077
    Windows Wi-Fi Driver CVE-2024-30078
    Windows Server Service CVE-2024-30080
    Windows Win32K - GRFX CVE-2024-30082
    Windows Standards-Based Storage Management Service CVE-2024-30083
    Windows Kernel-Mode Drivers CVE-2024-30084
    Windows Cloud Files Mini Filter Driver CVE-2024-30085
    Windows Win32 Kernel Subsystem CVE-2024-30086
    Windows Win32K - GRFX CVE-2024-30087
    Windows NT OS Kernel CVE-2024-30088
    Microsoft Streaming Service CVE-2024-30089
    Microsoft Streaming Service CVE-2024-30090
    Windows Win32K - GRFX CVE-2024-30091
    Windows Storage CVE-2024-30093
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30094
    Windows Routing and Remote Access Service (RRAS) CVE-2024-30095
    Windows Cryptographic Services CVE-2024-30096
    Microsoft Windows Speech CVE-2024-30097
    Windows NT OS Kernel CVE-2024-30099
    Microsoft Office SharePoint CVE-2024-30100
    Microsoft Office CVE-2024-30101
    Microsoft Office Word CVE-2024-30102
    Microsoft Office Outlook CVE-2024-30103
    Microsoft Office CVE-2024-30104
    Dynamics Business Central CVE-2024-35248
    Dynamics Business Central CVE-2024-35249
    Windows Kernel-Mode Drivers CVE-2024-35250
    Azure Storage Library CVE-2024-35252
    Azure File Sync CVE-2024-35253
    Azure Monitor CVE-2024-35254
    Azure SDK CVE-2024-35255
    Microsoft Dynamics CVE-2024-35263
    Windows Perception Service CVE-2024-35265
    Azure Data Science Virtual Machines CVE-2024-37325

    We are republishing 9 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    MITRE Corporation Microsoft Windows CVE-2023-50868
    GitHub Visual Studio CVE-2024-29187
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5493
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5494
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5495
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5496
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5497
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5498
    Chrome Microsoft Edge (Chromium-based) CVE-2024-5499

    Security Update Guide Blog Posts
    Date Blog Post
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates and Windows 11 are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5039211 Windows 10, version 21H2, Windows 10, version 22H2
    5039213 Windows 11, version 21H2
    5039227 Windows Server 2022
    5039245 Windows Server 2008 (Monthly Rollup)
    5039266 Windows Server 2008 (Security-only update)

    Released: Jun 11, 2024
    https://msrc.microsoft.com/update-guide/releaseNote/2024-Jun
     
  43. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    July 2024 Security Updates



    This release consists of the following 139 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?


    SQL Server CVE-2024-20701

    SQL Server CVE-2024-21303

    SQL Server CVE-2024-21308

    SQL Server CVE-2024-21317

    SQL Server CVE-2024-21331

    SQL Server CVE-2024-21332

    SQL Server CVE-2024-21333

    SQL Server CVE-2024-21335

    SQL Server CVE-2024-21373

    SQL Server CVE-2024-21398

    SQL Server CVE-2024-21414

    SQL Server CVE-2024-21415

    Windows CoreMessaging CVE-2024-21417

    SQL Server CVE-2024-21425

    SQL Server CVE-2024-21428

    SQL Server CVE-2024-21449

    Windows Secure Boot CVE-2024-26184

    Windows Secure Boot CVE-2024-28899

    SQL Server CVE-2024-28928

    Windows MultiPoint Services CVE-2024-30013

    Microsoft Dynamics CVE-2024-30061

    Windows Remote Access Connection Manager CVE-2024-30071

    Windows Remote Access Connection Manager CVE-2024-30079

    Windows NTLM CVE-2024-30081

    Windows Cryptographic Services CVE-2024-30098

    .NET and Visual Studio CVE-2024-30105

    Microsoft Office SharePoint CVE-2024-32987

    SQL Server CVE-2024-35256

    Azure Network Watcher CVE-2024-35261

    .NET and Visual Studio CVE-2024-35264

    Azure DevOps CVE-2024-35266

    Azure DevOps CVE-2024-35267

    Windows iSCSI CVE-2024-35270

    SQL Server CVE-2024-35271

    SQL Server CVE-2024-35272

    SQL Server CVE-2024-37318

    SQL Server CVE-2024-37319

    SQL Server CVE-2024-37320

    SQL Server CVE-2024-37321

    SQL Server CVE-2024-37322

    SQL Server CVE-2024-37323

    SQL Server CVE-2024-37324

    SQL Server CVE-2024-37326

    SQL Server CVE-2024-37327

    SQL Server CVE-2024-37328

    SQL Server CVE-2024-37329

    SQL Server CVE-2024-37330

    SQL Server CVE-2024-37331

    SQL Server CVE-2024-37332

    SQL Server CVE-2024-37333

    SQL Server CVE-2024-37334

    SQL Server CVE-2024-37336

    Windows Secure Boot CVE-2024-37969

    Windows Secure Boot CVE-2024-37970

    Windows Secure Boot CVE-2024-37971

    Windows Secure Boot CVE-2024-37972

    Windows Secure Boot CVE-2024-37973

    Windows Secure Boot CVE-2024-37974

    Windows Secure Boot CVE-2024-37975

    Windows Secure Boot CVE-2024-37977

    Windows Secure Boot CVE-2024-37978

    Windows Secure Boot CVE-2024-37981

    Windows Secure Boot CVE-2024-37984

    Windows Secure Boot CVE-2024-37986

    Windows Secure Boot CVE-2024-37987

    Windows Secure Boot CVE-2024-37988

    Windows Secure Boot CVE-2024-37989

    Windows Secure Boot CVE-2024-38010

    Windows Secure Boot CVE-2024-38011

    Windows Server Backup CVE-2024-38013

    Windows Remote Desktop CVE-2024-38015

    Windows Message Queuing CVE-2024-38017

    Windows Performance Monitor CVE-2024-38019

    Microsoft Office Outlook CVE-2024-38020

    Microsoft Office CVE-2024-38021

    Windows Image Acquisition CVE-2024-38022

    Microsoft Office SharePoint CVE-2024-38023

    Microsoft Office SharePoint CVE-2024-38024

    Windows Performance Monitor CVE-2024-38025

    Line Printer Daemon Service (LPD) CVE-2024-38027

    Windows Performance Monitor CVE-2024-38028

    Windows Themes CVE-2024-38030

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38031

    XBox Crypto Graphic Services CVE-2024-38032

    Windows PowerShell CVE-2024-38033

    Windows Filtering CVE-2024-38034

    Windows Kernel CVE-2024-38041

    Windows PowerShell CVE-2024-38043

    Windows DHCP Server CVE-2024-38044

    Windows PowerShell CVE-2024-38047

    NDIS CVE-2024-38048

    Windows Distributed Transaction Coordinator CVE-2024-38049

    Windows Workstation Service CVE-2024-38050

    Microsoft Graphics Component CVE-2024-38051

    Microsoft Streaming Service CVE-2024-38052

    Windows Internet Connection Sharing (ICS) CVE-2024-38053

    Microsoft Streaming Service CVE-2024-38054

    Microsoft Windows Codecs Library CVE-2024-38055

    Microsoft Windows Codecs Library CVE-2024-38056

    Microsoft Streaming Service CVE-2024-38057

    Windows BitLocker CVE-2024-38058

    Windows Win32K - ICOMP CVE-2024-38059

    Microsoft Windows Codecs Library CVE-2024-38060

    Role: Active Directory Certificate Services; Active Directory Domain Services CVE-2024-38061

    Windows Kernel-Mode Drivers CVE-2024-38062

    Windows TCP/IP CVE-2024-38064

    Windows Secure Boot CVE-2024-38065

    Windows Win32K - GRFX CVE-2024-38066

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38067

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38068

    Windows Enroll Engine CVE-2024-38069

    Windows LockDown Policy (WLDP) CVE-2024-38070

    Windows Remote Desktop Licensing Service CVE-2024-38071

    Windows Remote Desktop Licensing Service CVE-2024-38072

    Windows Remote Desktop Licensing Service CVE-2024-38073

    Windows Remote Desktop Licensing Service CVE-2024-38074

    Active Directory Federation Services CVE-2024-38075

    Windows Remote Desktop CVE-2024-38076

    Windows Remote Desktop Licensing Service CVE-2024-38077

    XBox Crypto Graphic Services CVE-2024-38078

    Microsoft Graphics Component CVE-2024-38079

    Role: Windows Hyper-V CVE-2024-38080

    .NET and Visual Studio CVE-2024-38081

    Windows Win32 Kernel Subsystem CVE-2024-38085

    Azure Kinect SDK CVE-2024-38086

    SQL Server CVE-2024-38087

    SQL Server CVE-2024-38088

    Microsoft Defender for IoT CVE-2024-38089

    Microsoft WS-Discovery CVE-2024-38091

    Azure CycleCloud CVE-2024-38092

    Microsoft Office SharePoint CVE-2024-38094

    .NET and Visual Studio CVE-2024-38095

    Windows Remote Desktop Licensing Service CVE-2024-38099

    Windows COM Session CVE-2024-38100

    Windows Internet Connection Sharing (ICS) CVE-2024-38101

    Windows Internet Connection Sharing (ICS) CVE-2024-38102

    Windows Fax and Scan Service CVE-2024-38104

    Windows Internet Connection Sharing (ICS) CVE-2024-38105

    Windows MSHTML Platform CVE-2024-38112



    We are republishing 4 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    CERT/CC NPS RADIUS Server CVE-2024-3596 Yes No No

    Intel Intel CVE-2024-37985 Yes No No

    GitHub Active Directory Rights Management Services CVE-2024-38517 Yes No No

    Github Active Directory Rights Management Services CVE-2024-39684 Yes No No



    Security Update Guide Blog Posts

    Date Blog Post

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide



    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5040427 Windows 10, version 21H2, Windows 10, version 22H2

    5040430 Windows 10, version 1809, Windows Server 2019

    5040431 Windows 11, version 21H2

    5040437 Windows Server 2022

    5040442 Windows 11, version 22H2, Windows 11, version 23H2

    5040490 Windows Server 2008 (Security-only update)

    5040499 Windows Server 2008 (Monthly Rollup)




    Released: Jul 9, 2024

    July 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  44. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    August 2024 Security Updates



    This release consists of the following 90 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?


    Windows Secure Kernel Mode CVE-2024-21302

    Windows Kerberos CVE-2024-29995

    Microsoft Windows DNS CVE-2024-37968

    Windows TCP/IP CVE-2024-38063

    Microsoft Office CVE-2024-38084

    Azure Connected Machine Agent CVE-2024-38098

    Windows Kernel CVE-2024-38106

    Windows Power Dependency Coordinator CVE-2024-38107

    Azure Stack CVE-2024-38108

    Azure Health Bot CVE-2024-38109

    Windows IP Routing Management Snapin CVE-2024-38114

    Windows IP Routing Management Snapin CVE-2024-38115

    Windows IP Routing Management Snapin CVE-2024-38116

    Windows NTFS CVE-2024-38117

    Microsoft Local Security Authority Server (lsasrv) CVE-2024-38118

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38120

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38121

    Microsoft Local Security Authority Server (lsasrv) CVE-2024-38122

    Microsoft Bluetooth Driver CVE-2024-38123

    Microsoft Streaming Service CVE-2024-38125

    Windows Network Address Translation (NAT) CVE-2024-38126

    Windows Kernel CVE-2024-38127

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38128

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38130

    Windows Clipboard Virtual Channel Extension CVE-2024-38131

    Windows Network Address Translation (NAT) CVE-2024-38132

    Windows Kernel CVE-2024-38133

    Microsoft Streaming Service CVE-2024-38134

    Windows NT OS Kernel CVE-2024-38135

    Windows Resource Manager CVE-2024-38136

    Windows Resource Manager CVE-2024-38137

    Windows Deployment Services CVE-2024-38138

    Reliable Multicast Transport Driver (RMCAST) CVE-2024-38140

    Windows Ancillary Function Driver for WinSock CVE-2024-38141

    Windows Secure Kernel Mode CVE-2024-38142

    Windows WLAN Auto Config Service CVE-2024-38143

    Microsoft Streaming Service CVE-2024-38144

    Windows Layer-2 Bridge Network Driver CVE-2024-38145

    Windows Layer-2 Bridge Network Driver CVE-2024-38146

    Windows DWM Core Library CVE-2024-38147
    Windows Transport Security Layer (TLS) CVE-2024-38148

    Windows DWM Core Library CVE-2024-38150

    Windows Kernel CVE-2024-38151

    Microsoft WDAC OLE DB provider for SQL CVE-2024-38152

    Windows Kernel CVE-2024-38153

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38154

    Windows Security Center CVE-2024-38155

    Azure IoT SDK CVE-2024-38157

    Azure IoT SDK CVE-2024-38158

    Windows Network Virtualization CVE-2024-38159

    Windows Network Virtualization CVE-2024-38160

    Windows Mobile Broadband CVE-2024-38161

    Azure Connected Machine Agent CVE-2024-38162

    Windows Update Stack CVE-2024-38163

    Windows Compressed Folder CVE-2024-38165

    Microsoft Dynamics CVE-2024-38166

    .NET and Visual Studio CVE-2024-38167

    .NET and Visual Studio CVE-2024-38168

    Microsoft Office Visio CVE-2024-38169

    Microsoft Office Excel CVE-2024-38170

    Microsoft Office PowerPoint CVE-2024-38171

    Microsoft Office Excel CVE-2024-38172

    Microsoft Office Outlook CVE-2024-38173

    Windows App Installer CVE-2024-38177

    Windows Scripting CVE-2024-38178

    Windows SmartScreen CVE-2024-38180

    Windows Kernel-Mode Drivers CVE-2024-38184

    Windows Kernel-Mode Drivers CVE-2024-38185

    Windows Kernel-Mode Drivers CVE-2024-38186

    Windows Kernel-Mode Drivers CVE-2024-38187

    Microsoft Office Project CVE-2024-38189

    Windows Kernel-Mode Drivers CVE-2024-38191

    Windows Ancillary Function Driver for WinSock CVE-2024-38193

    Azure CycleCloud CVE-2024-38195

    Windows Common Log File System Driver CVE-2024-38196

    Microsoft Teams CVE-2024-38197

    Windows Print Spooler Components CVE-2024-38198

    Line Printer Daemon Service (LPD) CVE-2024-38199

    Microsoft Office CVE-2024-38200

    Azure Stack CVE-2024-38201

    Windows Update Stack CVE-2024-38202

    Microsoft Copilot Studio CVE-2024-38206

    Microsoft Dynamics CVE-2024-38211

    Windows Mark of the Web (MOTW) CVE-2024-38213

    Windows Routing and Remote Access Service (RRAS) CVE-2024-38214

    Windows Cloud Files Mini Filter Driver CVE-2024-38215

    Microsoft Edge (Chromium-based) CVE-2024-38218

    Microsoft Edge (Chromium-based) CVE-2024-38219

    Microsoft Edge (Chromium-based) CVE-2024-38222

    Windows Initial Machine Configuration CVE-2024-38223



    We are republishing 12 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    Red Hat, Inc. Windows Secure Boot CVE-2022-2601

    Red Hat, Inc. Windows Secure Boot CVE-2022-3775

    Red Hat, Inc. Windows Secure Boot CVE-2023-40547

    Chrome Microsoft Edge (Chromium-based) CVE-2024-6990

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7255

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7256

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7532

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7533

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7534

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7535

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7536

    Chrome Microsoft Edge (Chromium-based) CVE-2024-7550



    Security Update Guide Blog Posts

    Date Blog Post

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5041160 Windows Server 2022

    5041571 Windows 11 version 24H2

    5041578 Windows 10, version 1809, Windows Server 2019

    5041580 Windows 10, version 21H2, Windows 10, version 22H2

    5041592 Windows 11, version 21H2

    5041773 Windows 10, version 1607, Windows Server 2016

    5041828 Windows Server 2012 R2 (Monthly Rollup)

    5041847 Windows Server 2008 (Security-only update)

    5041850 Windows Server 2008 (Monthly Rollup)

    5041851 Windows Server 2012 (Monthly Rollup)


    Released: Aug 13, 2024
    https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug
     
    Last edited: Aug 13, 2024
  45. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    September 2024 Security Updates



    This release consists of the following 79 Microsoft CVEs:



    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    Windows TCP/IP CVE-2024-21416

    SQL Server CVE-2024-26186

    SQL Server CVE-2024-26191

    Windows Security Zone Mapping CVE-2024-30073

    SQL Server CVE-2024-37335

    SQL Server CVE-2024-37337

    SQL Server CVE-2024-37338

    SQL Server CVE-2024-37339

    SQL Server CVE-2024-37340

    SQL Server CVE-2024-37341

    SQL Server CVE-2024-37342

    SQL Server CVE-2024-37965

    SQL Server CVE-2024-37966

    SQL Server CVE-2024-37980

    Windows Installer CVE-2024-38014

    Microsoft Office SharePoint CVE-2024-38018

    Windows TCP/IP CVE-2024-38045

    Windows PowerShell CVE-2024-38046

    Windows Network Address Translation (NAT) CVE-2024-38119

    Azure Network Watcher CVE-2024-38188

    Azure Web Apps CVE-2024-38194

    Azure Stack CVE-2024-38216

    Windows Mark of the Web (MOTW) CVE-2024-38217

    Azure Stack CVE-2024-38220

    Dynamics Business Central CVE-2024-38225

    Microsoft Office Publisher CVE-2024-38226

    Microsoft Office SharePoint CVE-2024-38227

    Microsoft Office SharePoint CVE-2024-38228

    Windows Standards-Based Storage Management Service CVE-2024-38230

    Windows Remote Desktop Licensing Service CVE-2024-38231

    Windows Network Virtualization CVE-2024-38232

    Windows Network Virtualization CVE-2024-38233

    Windows Network Virtualization CVE-2024-38234

    Role: Windows Hyper-V CVE-2024-38235

    Windows DHCP Server CVE-2024-38236

    Microsoft Streaming Service CVE-2024-38237

    Microsoft Streaming Service CVE-2024-38238

    Windows Kerberos CVE-2024-38239

    Windows Remote Access Connection Manager CVE-2024-38240

    Microsoft Streaming Service CVE-2024-38241

    Microsoft Streaming Service CVE-2024-38242

    Microsoft Streaming Service CVE-2024-38243

    Microsoft Streaming Service CVE-2024-38244

    Microsoft Streaming Service CVE-2024-38245

    Windows Win32K - GRFX CVE-2024-38246

    Microsoft Graphics Component CVE-2024-38247

    Windows Storage CVE-2024-38248

    Microsoft Graphics Component CVE-2024-38249

    Microsoft Graphics Component CVE-2024-38250

    Windows Win32K - ICOMP CVE-2024-38252

    Windows Win32K - ICOMP CVE-2024-38253

    Windows Authentication Methods CVE-2024-38254

    Windows Kernel-Mode Drivers CVE-2024-38256

    Windows AllJoyn API CVE-2024-38257

    Windows Remote Desktop Licensing Service CVE-2024-38258

    Microsoft Management Console CVE-2024-38259

    Windows Remote Desktop Licensing Service CVE-2024-38260

    Windows Remote Desktop Licensing Service CVE-2024-38263

    Windows Remote Desktop Licensing Service CVE-2024-43454

    Windows Remote Desktop Licensing Service CVE-2024-43455

    Windows Setup and Deployment CVE-2024-43457

    Windows Network Virtualization CVE-2024-43458

    Windows MSHTML Platform CVE-2024-43461

    Microsoft Office Visio CVE-2024-43463

    Microsoft Office SharePoint CVE-2024-43464

    Microsoft Office Excel CVE-2024-43465

    Microsoft Office SharePoint CVE-2024-43466

    Windows Remote Desktop Licensing Service CVE-2024-43467

    Azure CycleCloud CVE-2024-43469

    Azure Network Watcher CVE-2024-43470

    SQL Server CVE-2024-43474

    Windows Admin Center CVE-2024-43475

    Microsoft Dynamics 365 (on-premises) CVE-2024-43476

    Power Automate CVE-2024-43479

    Microsoft Outlook for iOS CVE-2024-43482

    Windows Mark of the Web (MOTW) CVE-2024-43487

    Windows Update CVE-2024-43491

    Microsoft AutoUpdate (MAU) CVE-2024-43492

    Windows Libarchive CVE-2024-43495



    Security Update Guide Blog Posts

    Date Blog Post

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide



    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5002624 SharePoint Enterprise Server 2016

    5002639 SharePoint Server 2019

    5002640 SharePoint Server Subscription Edition

    5042881 Windows 11, version 21H2

    5043051 Windows 10, version 1607, Windows Server 2016

    5043064 Windows 11 version 24H2

    5043067 Windows 11, version 21H2

    5043076 Windows 11, version 22H2, Windows 11, version 23H2

    5043080 Windows 11 version 24H2

    5043083 Windows 10

    5043087 Windows Server 2008 (Security-only update)

    5043135 Windows Server 2008 (Monthly Rollup)


    Released: Sep 10, 2024

    September 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
  46. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    October 2024 Security Updates
    This release consists of the following 117 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Role: Windows Hyper-V CVE-2024-20659
    Windows Hyper-V CVE-2024-30092
    Windows EFI Partition CVE-2024-37976
    Windows Kernel CVE-2024-37979
    Windows EFI Partition CVE-2024-37982
    Windows EFI Partition CVE-2024-37983
    OpenSSH for Windows CVE-2024-38029
    Azure Monitor CVE-2024-38097
    Windows Netlogon CVE-2024-38124
    Windows Kerberos CVE-2024-38129
    BranchCache CVE-2024-38149
    Azure Stack CVE-2024-38179
    Windows Routing and Remote Access Service (RRAS) CVE-2024-38212
    .NET and Visual Studio CVE-2024-38229
    Windows Routing and Remote Access Service (RRAS) CVE-2024-38261 7
    Windows Remote Desktop Licensing Service CVE-2024-38262 7
    Windows Routing and Remote Access Service (RRAS) CVE-2024-38265
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43453
    Windows Remote Desktop Services CVE-2024-43456
    Microsoft Configuration Manager CVE-2024-43468
    Service Fabric CVE-2024-43480
    Power BI CVE-2024-43481
    .NET, .NET Framework, Visual Studio CVE-2024-43483
    .NET, .NET Framework, Visual Studio CVE-2024-43484
    .NET and Visual Studio CVE-2024-43485
    Visual Studio Code CVE-2024-43488
    DeepSpeed CVE-2024-43497
    Windows Resilient File System (ReFS) CVE-2024-43500
    Windows Common Log File System Driver CVE-2024-43501
    Windows Kernel CVE-2024-43502
    Microsoft Office SharePoint CVE-2024-43503
    Microsoft Office Excel CVE-2024-43504 7
    Microsoft Office Visio CVE-2024-43505
    BranchCache CVE-2024-43506
    Microsoft Graphics Component CVE-2024-43508
    Microsoft Graphics Component CVE-2024-43509
    Windows Kernel CVE-2024-43511
    Windows Standards-Based Storage Management Service CVE-2024-43512
    Windows BitLocker CVE-2024-43513
    Windows NTFS CVE-2024-43514
    Internet Small Computer Systems Interface (iSCSI) CVE-2024-43515
    Windows Secure Kernel Mode CVE-2024-43516
    Microsoft ActiveX CVE-2024-43517
    Windows Telephony Server CVE-2024-43518
    Microsoft WDAC OLE DB provider for SQL CVE-2024-43519
    Windows Kernel CVE-2024-43520 5
    Role: Windows Hyper-V CVE-2024-43521
    Windows Local Security Authority (LSA) CVE-2024-43522 7
    Windows Mobile Broadband CVE-2024-43523
    Windows Mobile Broadband CVE-2024-43524
    Windows Mobile Broadband CVE-2024-43525
    Windows Mobile Broadband CVE-2024-43526
    Windows Kernel CVE-2024-43527
    Windows Secure Kernel Mode CVE-2024-43528
    Windows Print Spooler Components CVE-2024-43529
    RPC Endpoint Mapper Service CVE-2024-43532
    Remote Desktop Client CVE-2024-43533
    Microsoft Graphics Component CVE-2024-43534
    Windows Kernel-Mode Drivers CVE-2024-43535
    Windows Mobile Broadband CVE-2024-43536
    Windows Mobile Broadband CVE-2024-43537
    Windows Mobile Broadband CVE-2024-43538
    Windows Mobile Broadband CVE-2024-43540
    Microsoft Simple Certificate Enrollment Protocol CVE-2024-43541
    Windows Mobile Broadband CVE-2024-43542
    Windows Mobile Broadband CVE-2024-43543
    Microsoft Simple Certificate Enrollment Protocol CVE-2024-43544
    Windows Online Certificate Status Protocol (OCSP) CVE-2024-43545
    Windows Cryptographic Services CVE-2024-43546
    Windows Kerberos CVE-2024-43547
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43549
    Windows Secure Channel CVE-2024-43550
    Windows Storage CVE-2024-43551
    Windows Shell CVE-2024-43552
    Windows NT OS Kernel CVE-2024-43553
    Windows Kernel-Mode Drivers CVE-2024-43554
    Windows Mobile Broadband CVE-2024-43555
    Microsoft Graphics Component CVE-2024-43556
    Windows Mobile Broadband CVE-2024-43557
    Windows Mobile Broadband CVE-2024-43558
    Windows Mobile Broadband CVE-2024-43559
    Windows Storage Port Driver CVE-2024-43560
    Windows Mobile Broadband CVE-2024-43561
    Windows Network Address Translation (NAT) CVE-2024-43562
    Windows Ancillary Function Driver for WinSock CVE-2024-43563
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43564
    Windows Network Address Translation (NAT) CVE-2024-43565
    Role: Windows Hyper-V CVE-2024-43567
    Windows Kernel CVE-2024-43570
    Sudo for Windows CVE-2024-43571
    Microsoft Management Console CVE-2024-43572
    Windows MSHTML Platform CVE-2024-43573
    Microsoft Windows Speech CVE-2024-43574
    Role: Windows Hyper-V CVE-2024-43575
    Microsoft Office CVE-2024-43576
    OpenSSH for Windows CVE-2024-43581
    Windows Remote Desktop CVE-2024-43582
    Winlogon CVE-2024-43583
    Windows Scripting CVE-2024-43584
    Code Integrity Guard CVE-2024-43585
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43589
    Visual C++ Redistributable Installer CVE-2024-43590
    Azure CLI CVE-2024-43591
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43592
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43593
    Remote Desktop Client CVE-2024-43599
    Visual Studio Code CVE-2024-43601
    Visual Studio CVE-2024-43603
    Outlook for Android CVE-2024-43604
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43607
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43608
    Microsoft Office CVE-2024-43609
    Windows Routing and Remote Access Service (RRAS) CVE-2024-43611
    Power BI CVE-2024-43612
    Microsoft Defender for Endpoint CVE-2024-43614
    OpenSSH for Windows CVE-2024-43615
    Microsoft Office CVE-2024-43616

    We are republishing 4 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Hackerone Windows cURL Implementation CVE-2024-6197
    Chrome Microsoft Edge (Chromium-based) CVE-2024-7025
    Chrome Microsoft Edge (Chromium-based) CVE-2024-9369
    Chrome Microsoft Edge (Chromium-based) CVE-2024-9370

    Security Update Guide Blog Posts
    Date Blog Post
    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources

      • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
      • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
      • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
      • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5044273 Windows 10, version 21H2, Windows 10, version 22H2
    5044280 Windows 11, version 21H2
    5044281 Windows Server 2022
    5044284 Windows 11 version 24H2
    5044306 Windows Server 2008 (Security-only update)
    5044320 Windows Server 2008 (Monthly Rollup)
    5044342 Windows Server 2012 (Monthly Rollup)
    5044343 Windows Server 2012 R2 (Monthly Rollup)

    Released: Oct 8, 2024
    https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct

     
    Last edited: Oct 8, 2024

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds