Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4467697
HistoryNov 13, 2018 - 8:00 a.m.

November 13, 2018—KB4467697 (Monthly Rollup)

2018-11-1308:00:00
Microsoft
support.microsoft.com
92

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

November 13, 2018—KB4467697 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4462921 (released October 18, 2018) and addresses the following issues:

  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Internet Explorer, Windows Wireless Networking, Windows Kernel, and Windows Server.
    For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

Known issues in this update

Symptom Workaround
After installing this update, users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback. This issue is resolved in KB4471320.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4467697.

Related

nessus 46
openvas 26
mskb 16
kaspersky 3
talosblog 1
cve 19
prion 19
thn 1
osv 2
mscve 18
symantec 13
checkpoint_advisories 8
zdi 2
veracode 1
zdt 3
packetstorm 2
exploitpack 1
exploitdb 1
suse 5
debian 2
threatpost 1
mageia 1
centos 3
redhat 3
amazon 1
oraclelinux 1
nessus
nessus
KB4467703: Windows 8.1 and Windows Server 2012 R2 November 2018 Security Update
2018-11-13 00:00:00
KB4467678: Windows Server 2012 November 2018 Security Update
2018-11-13 00:00:00
KB4467106: Windows 7 and Windows Server 2008 R2 November 2018 Security Update
2018-11-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4467697)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467107)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467691)
2018-11-14 00:00:00
mskb
mskb
November 13, 2018—KB4467701 (Monthly Rollup)
2018-11-13 08:00:00
November 13, 2018—KB4467703 (Security-only update)
2018-11-13 08:00:00
November 13, 2018—KB4467678 (Security-only update)
2018-11-13 08:00:00
kaspersky
kaspersky
KLA11898 Multiple vulnerabilities in Microsoft Products (ESU)
2018-11-13 00:00:00
KLA11354 Multiple vulnerabilities in Microsoft Windows
2018-11-13 00:00:00
KLA11358 Multiple vulnerabilities in Microsoft Development Tools
2018-11-13 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — November 2018: Vulnerability disclosures and Snort coverage
2018-11-13 10:53:00
cve
cve
CVE-2018-8554
2018-11-14 01:29:00
CVE-2018-8485
2018-11-14 01:29:00
CVE-2018-8561
2018-11-14 01:29:00
prion
prion
Privilege escalation
2018-11-14 01:29:00
Privilege escalation
2018-11-14 01:29:00
Privilege escalation
2018-11-14 01:29:00
thn
thn
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now
2018-11-14 09:55:00
osv
osv
CVE-2018-8415
2018-11-14 01:29:00
CVE-2018-8256
2018-11-14 01:29:00
mscve
mscve
Microsoft PowerShell Remote Code Execution Vulnerability
2018-11-13 08:00:00
Windows Remote Procedure Call Information Disclosure Vulnerability
2018-11-13 08:00:00
Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability
2018-11-13 08:00:00
symantec
symantec
Microsoft Windows PowerShell CVE-2018-8256 Remote Code Execution Vulnerability
2018-11-13 00:00:00
Microsoft Powershell CVE-2018-8415 Tampering Security Bypass Vulnerability
2018-11-13 00:00:00
Microsoft Windows Security Feature CVE-2018-8549 Local Security Bypass Vulnerability
2018-11-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Graphics Components Remote Code Execution (CVE-2018-8553)
2018-11-13 00:00:00
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8544)
2018-11-13 00:00:00
Microsoft Windows Kernel Information Disclosure (CVE-2018-8408)
2018-11-13 00:00:00
zdi
zdi
Microsoft Windows NtGdiExtTextOutW Out-Of-Bounds Write Privilege Escalation Vulnerability
2018-11-21 00:00:00
Microsoft Windows VBScript Class_Terminate Scripting.Dictionary Use-After-Free Remote Code Execution Vulnerability
2018-11-21 00:00:00
veracode
veracode
Code Injection
2018-11-15 06:42:35
zdt
zdt
Microsoft VBScript rtFilter Out-Of-Bounds Read Exploit
2018-12-01 00:00:00
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
2018-12-01 00:00:00
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation Exploit
2018-11-20 00:00:00
packetstorm
packetstorm
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
2018-11-30 00:00:00
Microsoft VBScript rtFilter Out-Of-Bounds Read
2018-11-30 00:00:00
exploitpack
exploitpack
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation
2018-11-20 00:00:00
exploitdb
exploitdb
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation
2018-11-20 00:00:00
suse
suse
Security update for qemu (important)
2018-01-05 18:10:57
Security update for ucode-intel (important)
2018-03-16 18:09:28
Security update for ucode-intel (important)
2018-01-04 03:07:17
debian
debian
[SECURITY] [DLA 1349-1] linux-tools security update
2018-04-16 22:31:08
[SECURITY] [DLA 1362-1] gcc-4.9-backport new package
2018-04-25 16:19:40
threatpost
threatpost
New Spectre-Level Flaw Targets Return Stack Buffer
2018-07-23 18:27:20
mageia
mageia
Updated microcode packages fix security vulnerability
2018-05-29 22:41:14
centos
centos
microcode_ctl security update
2018-01-04 11:40:52
microcode_ctl security update
2018-01-17 14:59:21
libvirt security update
2018-01-04 19:54:04
redhat
redhat
(RHSA-2018:0109) Important: libvirt security update
2018-01-22 10:05:55
(RHSA-2018:0050) Important: vdsm security update
2018-01-05 15:36:32
(RHSA-2018:0029) Important: libvirt security update
2018-01-04 19:31:42
amazon
amazon
Important: linux-firmware
2018-02-20 21:46:00
oraclelinux
oraclelinux
qemu-kvm security update
2018-01-04 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for KB4467697
nessus46openvas26mskb16kaspersky3talosblog1cve19prion19thn1osv2mscve18symantec13checkpoint_advisories8zdi2veracode1zdt3packetstorm2exploitpack1exploitdb1suse5debian2threatpost1mageia1centos3redhat3amazon1oraclelinux1