October 2018 Security Updates
October 2018 Security Updates
The October security release consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ChakraCore
- .NET Core
- PowerShell Core
- SQL Server Management Studio
- Microsoft Exchange Server
- Azure IoT Edge
- Hub Device Client SDK for Azure IoT
- Yammer Desktop Application
Please note the following information regarding the security updates:
- Customers running Windows 7 or Windows Server 2008 R2 need to ensure they have Servicing Stack Update (SSU) 3177467 installed before installing the October 2018 security updates, to avoid a failure to install. See Microsoft Knowledge Base Article 3177467 for more information about this SSU.
- Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
- Starting in March 2017, a delta package will be available on the Microsoft Update Catalog for Windows 10 version 1607 and newer. This delta package contains just the delta changes between the previous month and the current release.
- Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
- For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
- In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.
- ADV180026
- CVE-2010-3190*
- CVE-2018-8292
- CVE-2018-8330
- CVE-2018-8427
- CVE-2018-8432
- CVE-2018-8472
- CVE-2018-8481
- CVE-2018-8482
- CVE-2018-8486
- CVE-2018-8493
- CVE-2018-8501
- CVE-2018-8503
- CVE-2018-8504
- CVE-2018-8506
- CVE-2018-8530*
- CVE-2018-8532
- CVE-2018-8533
Known Issues
| 10/19/2018 | Yammer Desktop App | What’s New In Yammer | Security Update | Remote Code Execution | CVE-2018-8569 | |
| 10/09/2018 | Windows 8.1 for x64-based systems | 4462926 | Monthly Rollup | Information Disclosure | CVE-2018-8493 | |
| 4462941 | Security Only | |||||
| 10/09/2018 | Windows 10 Version 1607 for x64-based Systems | 4462917 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1607 for 32-bit Systems | 4462917 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 for x64-based Systems | 4462922 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server 2012 R2 | 4462926 | Monthly Rollup | Information Disclosure | CVE-2018-8493 | |
| 4462941 | Security Only | |||||
| 10/09/2018 | Windows 10 for 32-bit Systems | 4462922 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows RT 8.1 | 4462926 | Monthly Rollup | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server 2016 | 4462917 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server 2016 (Server Core installation) | 4462917 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1703 for x64-based Systems | 4462937 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1703 for 32-bit Systems | 4462937 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1709 for 32-bit Systems | 4462918 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1709 for 64-based Systems | 4462918 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server, version 1709 (Server Core Installation) | 4462918 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1803 for 32-bit Systems | 4462919 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows 10 Version 1803 for x64-based Systems | 4462919 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server, version 1803 (Server Core Installation) | 4462919 | Security Update | Information Disclosure | CVE-2018-8493 | |
| 10/09/2018 | Windows Server 2008 for 32-bit Systems Service Pack 2 | 4463097 | Monthly Rollup | Remote Code Execution | CVE-2018-8494 | |
| 4463104 | Security Only | |||||
| 10/09/2018 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4462923 | Monthly Rollup | Remote Code Execution | CVE-2018-8494 | |
| 4462915 | Security Only |