Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4467701
HistoryNov 13, 2018 - 8:00 a.m.

November 13, 2018—KB4467701 (Monthly Rollup)

2018-11-1308:00:00
Microsoft
support.microsoft.com
110

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

November 13, 2018—KB4467701 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4462925 (released October 18, 2018) and addresses the following issues:

  • Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Wireless Networking, Windows Kernel, and Windows Server.
    For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

Known issues in this update

Symptom Workaround
After installing this update, users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback. This issue is resolved in KB4471330.
After installing this update, the Event Viewer may not show some event descriptions for network interface cards (NIC). This issue is resolved in KB4489891.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4467701.

Related

mskb 16
nessus 42
openvas 25
kaspersky 3
cve 17
prion 17
talosblog 1
osv 3
thn 1
mscve 16
symantec 12
checkpoint_advisories 8
zdi 2
veracode 1
zdt 3
packetstorm 2
exploitpack 1
exploitdb 1
suse 5
oraclelinux 3
debian 1
redhat 13
mageia 1
centos 1
debiancve 1
amazon 2
ibm 1
mskb
mskb
November 13, 2018—KB4467678 (Security-only update)
2018-11-13 08:00:00
November 13, 2018—KB4467697 (Monthly Rollup)
2018-11-13 08:00:00
November 13, 2018—KB4467703 (Security-only update)
2018-11-13 08:00:00
nessus
nessus
KB4467703: Windows 8.1 and Windows Server 2012 R2 November 2018 Security Update
2018-11-13 00:00:00
KB4467678: Windows Server 2012 November 2018 Security Update
2018-11-13 00:00:00
KB4467700: Windows Server 2008 November 2018 Security Update
2018-11-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4467697)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467107)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467680)
2018-11-14 00:00:00
kaspersky
kaspersky
KLA11898 Multiple vulnerabilities in Microsoft Products (ESU)
2018-11-13 00:00:00
KLA11354 Multiple vulnerabilities in Microsoft Windows
2018-11-13 00:00:00
KLA11358 Multiple vulnerabilities in Microsoft Development Tools
2018-11-13 00:00:00
cve
cve
CVE-2018-8554
2018-11-14 01:29:00
CVE-2018-8485
2018-11-14 01:29:00
CVE-2018-8561
2018-11-14 01:29:00
prion
prion
Privilege escalation
2018-11-14 01:29:00
Privilege escalation
2018-11-14 01:29:00
Privilege escalation
2018-11-14 01:29:00
talosblog
talosblog
Microsoft Patch Tuesday — November 2018: Vulnerability disclosures and Snort coverage
2018-11-13 10:53:00
osv
osv
CVE-2018-8415
2018-11-14 01:29:00
CVE-2018-8256
2018-11-14 01:29:00
CVE-2017-5715
2018-01-04 13:29:00
thn
thn
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now
2018-11-14 09:55:00
mscve
mscve
Windows Remote Procedure Call Information Disclosure Vulnerability
2018-11-13 08:00:00
DirectX Elevation of Privilege Vulnerability
2018-11-13 08:00:00
Microsoft PowerShell Remote Code Execution Vulnerability
2018-11-13 08:00:00
symantec
symantec
Microsoft Windows PowerShell CVE-2018-8256 Remote Code Execution Vulnerability
2018-11-13 00:00:00
Microsoft Windows Security Feature CVE-2018-8549 Local Security Bypass Vulnerability
2018-11-13 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8565 Local Information Disclosure Vulnerability
2018-11-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Kernel Information Disclosure (CVE-2018-8408)
2018-11-13 00:00:00
Microsoft Graphics Components Remote Code Execution (CVE-2018-8553)
2018-11-13 00:00:00
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8544)
2018-11-13 00:00:00
zdi
zdi
Microsoft Windows NtGdiExtTextOutW Out-Of-Bounds Write Privilege Escalation Vulnerability
2018-11-21 00:00:00
Microsoft Windows VBScript Class_Terminate Scripting.Dictionary Use-After-Free Remote Code Execution Vulnerability
2018-11-21 00:00:00
veracode
veracode
Code Injection
2018-11-15 06:42:35
zdt
zdt
Microsoft VBScript rtFilter Out-Of-Bounds Read Exploit
2018-12-01 00:00:00
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
2018-12-01 00:00:00
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation Exploit
2018-11-20 00:00:00
packetstorm
packetstorm
Microsoft VBScript rtFilter Out-Of-Bounds Read
2018-11-30 00:00:00
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
2018-11-30 00:00:00
exploitpack
exploitpack
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation
2018-11-20 00:00:00
exploitdb
exploitdb
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation
2018-11-20 00:00:00
suse
suse
Security update for kernel-firmware (important)
2018-01-05 18:09:20
Security update for various KMPs (important)
2018-03-20 00:07:10
Security update for microcode_ctl (important)
2018-01-04 06:08:52
oraclelinux
oraclelinux
microcode_ctl security update
2018-01-04 00:00:00
microcode_ctl security update
2018-01-21 00:00:00
libvirt security update
2018-01-05 00:00:00
debian
debian
[SECURITY] [DLA 2148-1] amd64-microcode security update
2020-03-20 19:56:36
redhat
redhat
(RHSA-2018:1196) Important: kernel security and bug fix update
2018-04-23 12:27:20
(RHSA-2018:0110) Important: libvirt security update
2018-01-22 10:06:03
(RHSA-2018:0059) Important: qemu-kvm-rhev security update
2018-01-05 18:11:09
mageia
mageia
Updated microcode packages fix security vulnerabilities
2018-01-13 17:28:36
centos
centos
microcode_ctl security update
2018-01-04 19:41:20
debiancve
debiancve
CVE-2017-5715
2018-01-04 13:29:00
amazon
amazon
Important: microcode_ctl
2018-02-07 18:54:00
Important: qemu-kvm
2018-01-12 21:24:00
ibm
ibm
Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to the vulnerability known as Spectre (CVE-2017-5715)
2023-04-18 18:22:18

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for KB4467701
mskb16nessus42openvas25kaspersky3cve17prion17talosblog1osv3thn1mscve16symantec12checkpoint_advisories8zdi2veracode1zdt3packetstorm2exploitpack1exploitdb1suse5oraclelinux3debian1redhat13mageia1centos1debiancve1amazon2ibm1