Patch Tuesday July 2018

The July edition of Patch Tuesday updates includes a list of patches from Microsoft that fixes 53 security vulnerabilities. Out of these, 17 have been marked as critical, three of which were previously disclosed, but luckily there haven’t been any confirmed cases of these vulnerabilities being exploited yet. Thankfully, in this round of patching, Microsoft hasn’t found any zero-day flaws that need patching.

July 2018 security updates for Microsoft products

Included in this month’s Patch Tuesday updates are patches for the following products:

  • Microsoft Windows

  • Internet Explorer

  • Microsoft Edge

  • ChakraCore

  • .NET Framework


  • PowerShell

  • Visual Studio

  • Microsoft Office and Office services

  • Adobe Flash Player

Critical patch updates

Most of the critical updates that were released with this month’s Patch Tuesday target the memory corruption flaws that were present in Internet Explorer, Microsoft Edge, and the Chakra scripting engine. If ignored, these critical vulnerabilities can open up your endpoints to remote code execution and unauthorized privilege elevation. Here is a list of all the critical flaws that Microsoft has patched with July’s edition of Patch Tuesday.

Adobe Flash Player updates

Adobe has released only one critical Flash Player vulnerability fix this July, CVE-2018-5007. Successful exploitation of this vulnerability could lead to arbitrary code execution on the victim’s computer.

Non-security updates

Microsoft also released non-security updates for Office 2010, 2013, and 2016. View the entire list of non-security patches for the month of July.

 Get updates as they come out with automated patch deployment

 Microsoft and other vendors release timely hotfixes, rollups, service packs, and other updates to ensure users are secure and aren’t exploited through various vulnerabilities. Automated patch deployment can come in handy if you’re deploying these patches to more than 10 endpoints in your network. ManageEngine offers two solutions for automatically deploying patches: Desktop Central and Patch Manager Plus. Download a free, 30-day trial of either one to get started with securing your endpoints.