• March 2019 Patch Tuesday patches

    Posted on March 12, 2019 at 12:10 CDT by Comment in the Forums

    They’re starting to roll in.

    Martin Brinkmann has a full roundup on ghacks.net:

    • Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
    • Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
    • Windows 10 version 1703:  24 vulnerabilities of which 2 are critical and 22 are important
    • Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
    • Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
    • Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important

    The Microsoft Update Catalog lists 124 individual patches.

    Dustin Childs has his usual thorough review on the ZDI blog:

    security patches for 64 CVEs [ = separately identified security holes ] along with four advisories… Four of these bugs are listed as public and two are listed as being under active attack at the time of release.

    The two that are under active attack (which is to say, the two 0days) are both rated “Important” which, as many of you know, means they aren’t really all that important. They’re “elevation of privilege” attacks — a miscreant has to be in your system already before they can leverage one of these two attacks to move themselves up to admin level.

    The list of Win10 patches is up on Reddit.

    Win10 1809 – It looks like the “crazy” performance drop in games, including Destiny 2, has been fixed.

    There’s a Servicing Stack Update for Windows 7 that’s related to the SHA-2 “critical update” we’ve been expecting since November. No idea if this is the whole fix, or if it’s just a part of enabling SHA-2 encryption for Win7 patches. As noted in the earlier article, you need to get this Servicing Stack Update in order to install any Win7 patches after July. Thx @EP, @Crysta.

    6 new Office security patches, to add to the 28 non-security patches from earlier this month. Two new versions of Office Click-toRun: 15.0.5119.1000 for Office 2013; 14.0.7230.5000 for Office 2010.

    I don’t see anything screaming to be patched at this moment. More as the day wears on.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.