2018 has had an eventful start to say the least, with vendors racing to patch two serious processor flaws, Meltdown and Spectre. Last week Microsoft released an emergency update to handle these bugs,* and this week Microsoft is back again with its usual Patch Tuesday security updates for all of its products.
This month’s security updates address 59 vulnerabilities, out of which 16 are critical threats and 20 can be leveraged by attackers for remote code execution.
*Note: Microsoft has suspended updates for AMD processors after reports of Blue Screen of Death errors. Some antivirus programs also appear to be incompatible with these updates.
Microsoft security updates January 2018
These 59 security updates address a few different Microsoft products, including:
- All supported client and server versions of Windows
- Microsoft Edge
- Internet Explorer
- Microsoft Office
- SQL Server
- .NET Framework
- .NET Core
- ASP.NET Core
- Adobe Flash
Microsoft Patch Tuesday updates by OS
January’s Microsoft Patch Tuesday updates impact all supported versions of Windows, starting from Windows 7 to the latest version of Windows 10. Here’s a breakdown of these updates by OS.
Windows Server
- Windows Server 2008 and 2008 R2 contain seven vulnerabilities.
- Windows Server 2012 and 2012 R2 contain ten vulnerabilities.
- Windows Server 2016 contains nine vulnerabilities.
Windows OS
- Windows 7 contains seven vulnerabilities.
- Windows 8.1 contains ten vulnerabilities.
- Windows 10 versions 1607,1703, and 1709 contain eleven vulnerabilities each.
Patch Tuesday updates by version
Microsoft has released security updates for the product versions listed below:
- .NET Framework
- Windows Server 2008
- Windows Server 2012
- Windows Server 2008 R2 SP1
- Windows Server 2012 R2
- Windows Server 2016
- Windows 7 SP1
- Windows 8.1
- Windows RT 8.1
- Windows Embedded 8 Standard
- Windows 10 RTM
- Windows 10 version 1607
- Windows 10 version 1703
- Windows 10 version 1709
- Windows 10 version 1511
- Windows 10 version 1507
- Adobe Flash Player
- Internet Explorer
You can view a detailed breakdown of January’s Microsoft Patch Tuesday updates and fixes here.
Non-security updates
As usual, January’s Microsoft Patch Tuesday updates contain a few non-security updates as well for the following products:
- Windows 10, version 1703
- Windows Malicious Software Removal Tool
- Windows Server 2012 R2
- Microsoft .NET framework 4.7.1
- Windows Server 2008 R2
You can find more information here.
Microsoft Office updates
Microsoft has released updates for the following Office versions:
- Office 2016 has six updates.
- Office 2013 contains five updates.
- Office 10 comes with six updates.
- Office 2007 has ten updates.
Along with these updates, Microsoft has also released updates for SharePoint, Project Server, and SharePoint Foundation. Read more.
How to update your systems
If you’re looking to update more than five computers, you can easily do so using the free edition of either one of our patch management solutions, Desktop Central or Patch Manager Plus. You can also automate the overall patch deployment process, so next time you don’t need to check out each Microsoft Patch Tuesday updates and its fix individually, and update them later in your network.
If you want to take a look at how these solutions help with automatic patch deployment, check out an online demo of either one of our products:
Online demo of Desktop Central
Online demo of Patch Manager Plus
If you need a personalized demo of any of the above products, please feel free to reach out to our support team at cms-eval@manageengine.com.