Home / Tech News / IDG Contributor Network: Critical updates to IE and Flash for November Patch Tuesday

IDG Contributor Network: Critical updates to IE and Flash for November Patch Tuesday

November brings a slightly mild sequence of updates from Microsoft. We see a go back to shape, with Microsoft liberating every other vital replace to Adobe Flash and a number of other vital patches to Microsoft Web Explorer (IE) and Edge. Workplace and Home windows platforms (desktop and server) have much less serious reported exposures and not using a reported vital updates for November. Sadly, there are already a couple of reported deployment problems with the Home windows updates, with the observe patch-related Wisdom Base (KB) problems reported through Microsoft:

  • 4048952, 4048954, 4048953 (Home windows 10 1511, 1607, 1703) : Common Home windows Platform (UWP) packages that use JavaScript and asm.js might prevent running after putting in KB4041676. Web Explorer 11 customers who use SQL Server Reporting Services and products (SSRS) would possibly not have the ability to scroll via a drop-down menu the usage of the scroll bar.
  • 4048958, 4048961 (Home windows eight.x and Server 2012) : Customers might see an error conversation that signifies that an utility exception has befell when final some packages. This will impact packages that use mshtml.dll to load internet content material.
  • 4048957 , 4048960 (Home windows 7 SP1 and Server 2008 SP1) : Customers might see an error conversation that signifies that an utility exception has befell when final some packages. This will impact packages that use mshtml.dll to load internet content material. Web Explorer 11 customers who use SQL Server Reporting Services and products (SSRS) would possibly not have the ability to scroll via a drop-down menu the usage of the scroll bar.

This Patch Tuesday impacts the next platforms:

  • Browsers (Microsoft IE and Edge)
  • Microsoft Home windows
  • Microsoft Workplace (Together with Internet Apps)
  • Microsoft ASP.NET Core, .NET Core and Chakra Core
  • Adobe Flash Participant

Home windows

For this month’s replace to the Microsoft Home windows desktop and server platforms, Microsoft has addressed 15 vulnerabilities rated as vital or average – and not using a vital updates for this month. The possible safety situations vary from safety bypass to spoofing. Not like the prospective problems with Microsoft Edge, none of those vulnerabilities had been publicly disclosed or reported as exploited. You probably have upgraded to the most recent free up of Home windows 10 (1709) you’ll have the least publicity of all Home windows (desktop and server) platforms this month. If ever there used to be a robust trade want for holding present with Microsoft patches, this month is it. Upload your Home windows updates this month in your same old patch deployment agenda.

Browsers

Microsoft has addressed 20 reported vulnerabilities in each browser platforms with 16 rated as vital. Oddly, we don’t see any vital updates for IE nine or IE 10. As a substitute, this month the focal point is IE 11 and Edge with two publicly reported vulnerabilities CVE-2017-11848 and CVE-2017-11827) that would result in faraway execution situations. If you’re operating older methods (Home windows 7 SP1), upload your browser patches in your same old replace agenda. If you’re operating IE 11 and Edge, this can be a “Patch Now” replace from Microsoft.

Microsoft Workplace

This month’s Microsoft Workplace replace features a unmarried safety advisory ADV170020 that addresses various “defence intensive” problems for all supported variations of Microsoft Workplace. This advisory isn’t in particular giant, however it does come with various information that experience led to problems with Microsoft Outlook previously. You’ll be able to in finding out extra in regards to the record (WWLIB.DLL) and the prospective replace problems right here. Along with this advisory. Microsoft has addressed seven reported vulnerabilities rated as vital. Given those issues and average exploit vulnerabilities, upload this replace in your same old Workplace deployment agenda.

Microsoft ASP.NET Core, .NET Core and Chakra Core

Microsoft has launched various updates to the Microsoft open supply building platforms for .Web Core, ASP.NET and the Chakra Core JavaScript engine. Those updates try to unravel 20 vulnerabilities in those 3 building platforms with 14 rated as vital via faraway code execution vulnerabilities and the rest rated as vital. For the reason that all the ChakraCore problems are rated as vital and are connected to the IE and Edge browser platforms, the ChakraCore replace must be rated as a “Patch Now” replace whilst ASP.NET and .NET core patches must be added in your same old building platform replace free up agenda.

Adobe Flash Participant

Microsoft has posted a safety advisory (ADV170019)  for Adobe Flash Participant (APSB17-33) that makes an attempt to unravel 5 vital memory-related safety vulnerabilities. This replace impacts all variations of Home windows desktops (together with the most recent Home windows 10 1709 free up) and each Microsoft browsers (IE and Edge). It is a precedence 2 replace from Adobe and this can be a “Patch Now” replace for all Microsoft desktop platforms. The only caveat for this Flash Participant replace, is that in case you set up a language pack, you should re-install this patch. You’ll be able to learn extra about this factor right here.

This text is revealed as a part of the IDG Contributor Community. Wish to Sign up for?

About Smuneebarif

Check Also

1516223922 office 365 enterprise usage doesnt translate into enterprise value 310x165 - Office 365: Enterprise usage doesn't translate into enterprise value

Office 365: Enterprise usage doesn't translate into enterprise value

Even though endeavor subscribers to Place of business 365 generally use a lot of the …

Leave a Reply

Your email address will not be published. Required fields are marked *