Back

gHacks

Microsoft Security Updates March 2018 release overview

2018-03-13 19:44:50

Today is Microsoft's Security Patch Day for March 2018. The company released security updates for all supported client and server versions of Windows, and other company products such as Microsoft Office, Microsoft Edge or Internet Explorer.

Our Microsoft Security Updates overview provides you with a detailed overview: it lists all released security and non-security updates, security advisories, and links to direct downloads and additional resources for research.

Note: We recommend that you back up Windows' system partition before you install any update released by Microsoft. You can use free backup tools like Veeam Endpoint Backup or Macrium Reflect for that, or one of the backup programs listed here.

Microsoft Security Updates March 2018

You may download the following Excel spreadsheet to your local system. It contains a list of all security patches for all Microsoft products released on this Patch Day. Click on the following link to download it: security-updates-march-2018-windows-microsoft.zip

Executive Summary

  • Security updates are available for all supported versions of Windows (client and server).
  • Other Microsoft products with security updates are: Internet Explorer, Microsoft Edge, Microsoft Exchange Server, PowerShell Core, Adobe Flash, Microsoft Office
  • No critical vulnerabilities for Windows versions but for Microsoft Edge and Internet Explorer.
  • Microsoft lifted the antivirus compatibility check on Windows 10 version 1607, 1703 and 1709.

Operating System Distribution

  • Windows 7: 21 vulnerabilities of which 21 are rated important
  • Windows 8.1: 20 vulnerabilities of which 20 are rated important
  • Windows 10 version 1607: 29 vulnerabilities of which 29 are rated important
  • Windows 10 version 1703: 28 vulnerabilities of which 28 are rated important
  • Windows 10 version 1709: 24 vulnerabilities of which 24 are rated important

Windows Server products

  • Windows Server 2008: 21 vulnerabilities of which 21 are rated important
  • Windows Server 2008 R2: 2 vulnerabilities of which 22 are rated important
  • Windows Server 2012 and 2012 R2: 21 vulnerabilities of which 21 are rated important
  • Windows Server 2016: 29 vulnerabilities of which 29 are rated important

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerabilities, 2 critical, 5 important
  • Microsoft Edge: 16 vulnerabilities, 12 critical, 4 important

Security Updates

KB4088875 -- Windows 7 SP1 and Windows Server 2008 R2 Monthly Rollup

  • Includes security updates for Internet Explorer, the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.
  • Cumulative Spectre and Meltdown protections for 32-bit and 64-bit versions.
  • Addressed Internet Explorer unresponsive issue when Browser Helper Objects are installed.
  • Legacy Document Mode cell visibility update in Internet Explorer.
  • Fixed Internet Explorer stopped working issue in printing scenarios.
  • Fixed Internet Explorer stopped working issue when using Developer Tools.

KB4088878 -- Windows 7 SP1 and Windows Server 2008 R2 Security-Only Update

  • Same security updates and cumulative Spectre and Meltdown protection updates as KB4088875.

KB4088876 -- Windows 8.1 and Windows Server 2012 R2 Monthly Rollup

  • Same security updates and fixed issues as in KB4088875.
  • Addressed sign-in issues to Windows 2012 R2 servers when using custom credential provider on a console or RDP.
  • Fixed Internet Explorer issue that caused Outlook's web app to slow down.

KB4088879 -- Windows 8.1 and Windows Server 2012 R2 Monthly Rollup

  • Same security updates as KB4088876 plus Windows 2012 R2 server issue.

KB4000825 -- Windows 10 version 1607 and Windows Server 2016

  • Security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Microsoft Windows Search component, Windows Desktop Bridge, Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Datacenter Networking, Windows Installer, and Windows Hyper-V.
  • Addressed XML document printing issue in IE and Edge.
  • Addressed stopped working issue in IE when using F12 developer tools.
  • Updated legacy Document Mode cell visibility in IE.
  • Addressed IE becoming unresponsive issue when installing Browser Helper Objects.
  • Addressed issue that affected some antivirus software versions on which the antivirus updated the Allow Regkey.
  • Addressed AD FS server issue causing WID AD FS database to become unusable after a restart.
  • Fixed online video playback becoming unresponsive issue.

KB4088782 -- Windows 10 version 1703

  • Same as KB4088782 for the most part plus..
  • SMB shared files access issue with the error ERROR_INVALID_REPARSE_DATA resulting in errors when editing some group policies (The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)).

KB4088776 -- Windows 10 version 1709

  • Same as KB4088782 for the most part plus..
  • Fixed issue that prevented media and other apps from becoming unresponsive or failing during graphics drivers updates.
  • Addressed "Check your account, you don't own this content" error when customers tried to play or install owned content.
  • Addressed "We couldn’t download the Windows Mixed Reality Software" after installing KB4090913.

KB4089187 -- Cumulative security update for Internet Explorer: March 13, 2018

KB4088785 -- Security update for Adobe Flash Player: March 13, 2018

KB4056564 -- Windows Server 2008 and Windows XP Embedded update that fixes a CredSSP remote code execution vulnerability.

KB4073011 -- Windows Server 2008 update that fixes a Windows Hyper-V denial of service vulnerability.

KB4087398 -- Windows Server 2008 and Windows XP Embedded update that fixes a Windows Installer elevation of privilege Vulnerability.

KB4088827 -- Windows Server 2008 update that patches a Hyper-V information disclosure vulnerability.

KB4088880 -- Windows Embedded 8 Standard and Windows Server 2012 update -- security only update.

KB4089082 -- Windows XP Embedded patches Microsoft Video Control elevation of privilege vulnerability.

KB4089175 -- Windows Server 2008 and Windows XP Embedded addresses Windows shell remote code execution vulnerability.

KB4089229 -- Windows Server 2008 addresses Windows Kernel vulnerabilities.

KB4089344 -- Windows Server 2008 and Windows XP Embedded fixes elevation of privileges vulnerability in Windows Graphics Device Interface.

KB4089453 --Windows Server 2008 and Windows XP Embedded fixes Windows remote assistance information disclosure vulnerability.

KB4089694 -- Windows XP Embedded patches Windows Wireless WPA pairwise encryption key reinstallation vulnerability.

KB4090450 -- Windows Server 2008 addresses speculative execution side-channel vulnerabilities.

Known Issues

  • (Windows 7) SMB Servers may leak memory after installing the update -- Fix in the works.
  • (Windows 7) Stop error on machines with the Physical Address Extension (PAE) mode disabled -- Update is not delivered to 32-bit systems with PAE disabled.
  • (Windows 7) Stop error on machines not support Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2) -- Fix is in the works.
  • (Windows 7 and 8.1) No updates for systems without compatible antivirus solution or Registry key set -- Set Registry key:
    • Key: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat
    • Name: cadca5fe-87d3-4b96-b7fb-a231484277cc
    • Type: Dword (32-bit) Value
    • Data: 0x00000000

Security advisories and updates

ADV180005 -- all Windows version -- Document signing deprecation in XPS Viewer

Non-security related updates

KB4092077 -- Windows 10 version 1703 -- Fixes UI usability issues after installing the previous update for the operating system version.

KB4090913 -- Windows 10 Version 1709 -- This update fixes the "INACCESSIBLE_BOOT_DEVICE" issue and issue with some USB devices and onboard devices that stopped working.

KB4077525 -- Windows 10 Version 1607 and Server 2016 -- Huge update that fixes a large number of issues (mostly in Windows Server 2016)

KB4089848 -- Cumulative Update for Windows Server 2016, and Windows 10 Version 1709

KB4089938 -- Dynamic Update for Windows 10 Version 1709 -- Compatibility update for upgrading to Windows 10 Version 1709

KB4090007 -- Update for Windows 10 Version 1709 -- Intel microcode updates

KB4091663 -- Update for Windows 10 Version 1703

KB4091664 -- Update for Windows 10 Version 1607

KB4091666 -- Update for Windows 10 Version 1507

KB890830 -- Windows Malicious Software Removal Tool - March 201

Microsoft Office Updates

The Office March 2018 non-security updates were released last week.

Office 2010

KB4011673 -- Fixes a remote code execution vulnerability in Office 2010.

How to download and install the March 2018 security updates

microsoft windows updates march 2018

All security updates get released as cumulative updates for all supported operating systems. The primary method of distributing new security updates is via Windows Update, the built-in updating system of Windows.

Windows systems run update checks regularly but not in real-time. Users who want to download and install the updates the moment they are released can do so by manually checking for updates.

Note that it is advised to create a system backup before the installation of updates to have a third-party option to restore the old version.

Do the following to check for updates:

  1. Tap on the Windows-key, type Windows Update, and select the result from the list of items returned to you by Windows Search.
  2. Select "check for updates" or wait until the automatic update scan completes.
  3. Wait until the automatic downloading and installation of updates completes, or initiate the process with a click on the download button.

Updates can also be downloaded from Microsoft's Update Catalog website, or through other means, WSUS for instance for Windows Server updates.

Direct update downloads

You can download cumulative updates and rollup patches for Windows 7, Windows 8.1 and Windows 10, and the server operating systems Windows Server 2008 R2, Windows Server 2012 R2, and Windows Server 2016 from the Microsoft Update Catalog website.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4088875 — 2018-03 Security Monthly Quality Rollup for Windows 7
  • KB4088878 — 2018-03 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4088876 — 2018-03 Security Monthly Quality Rollup for Windows 8.1
  • KB4088879  — 2018-03 Security Only Quality Update for Windows 8.1

 

Windows 10 and Windows Server 2016 (version 1607)

  • KB4088787  — 2018-03 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 (version 1703)

  • KB4088782— 2018-03 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4088776 — 2018-03 Cumulative Update for Windows 10 Version 1709

Additional resources

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft Security Updates March 2018 release overview appeared first on gHacks Technology News.

Read more

Ghacks Deals: Ultimate Cisco Certification Super Bundle: Lifetime Access (Price Drop)

2018-03-13 16:30:42

cisco

Ultimate Cisco Certification Super Bundle: Lifetime Access is a big eLearning bundle with nine courses in total that prep you for nine different Cisco exams.

The bundle is available for $49 for a limited time and grants lifetime access to all courses. The courses are designed for users of all experience levels:

  • Cisco 100-105: Interconnecting Cisco Networking Devices Part 1 - ICND1 V3 -- Take the First Step Toward an Invaluable Cisco CCNA Certification
  • Cisco 200-105: Interconnecting Cisco Networking Devices Part 2 - ICND2 V3 -- Make Strides In Your Pursuit of a Career in Cisco Networking
  • Cisco 210-260: Implementing Cisco Network Security -- Become Adept at Securing Networks Running on Cisco Servers
  • Cisco 200-355: Implementing Cisco Wireless Networking Fundamentals -- Work Towards a Base Level Certification in Wireless Networking
  • Cisco 210-060: Implementing Cisco Collaboration Devices (CICD) -- Start Administering Cisco Unified Communications Solutions
  • Cisco 210-065: Implementing Cisco Video Network Devices (CIVND1 & CIVND2) -- Learn How to Implement Cisco Video Solution Architectures
  • Cisco 300-101: ROUTE - Implementing Cisco IP Routing -- Discover Advanced IP Addressing & Routing Skills That Will Take Your Career Far
  • Cisco 300-115: SWITCH - Implementing Cisco IP Switched Networks -- Learn How to Become an Advanced Enterprise Networking Professional
  • Cisco 300-135: TSHOOT - Troubleshooting And Maintaining Cisco IP Networks -- Identify & Master Best Practices for Keeping Cisco Networks Running Smoothly

Click here to open the Cisco Certification Bundle on Ghacks Deals

Not for you?

If this particular offer is not for you, you may want to check out the Certification listing on the Ghacks Deals website or the freebies section.

Fine print: make sure that you check out the specs and terms of the deal. Note that you need to contact support to renew the license every 2 years free of charge.

Disclosure: The deal is provided by StackCommerce in partnership with Ghacks Technology News; you need a StackCommerce account to participate in giveaways or make purchases. Check out the privacy policy and Terms of Service here.

Ghacks Technology News benefits from sales made on the Ghacks Deals website through a revenue share agreement. All revenue goes towards the running costs.

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Ghacks Deals: Ultimate Cisco Certification Super Bundle: Lifetime Access (Price Drop) appeared first on gHacks Technology News.

Read more

How to remove drive letters in Windows

2018-03-13 12:58:18

Windows assigns drive letters to internal and external hard drives, optical drives, Flash memory cards and other devices automatically when it recognizes them.

The main reason for that is that it allows users of the system to interact with the devices directly; it would certainly be inconvenient if users had to assign drive letters to new devices manually, or even each time devices get connected.

Sometimes, however, you may not want drive letters assigned to devices automatically or at all. A common scenario is a partition of a different operating system that you don't want to access; another, that encrypted drives or partitions don't require a drive letter until they are mounted as you can't interact with the unmounted drives.

Remove drive letters using Disk Management

windows disk management

All versions and editions of Windows include the Disk Management tool. Disk Management is the primary tool of the Windows operating system for managing drives and other storage devices. It provides options to add, change or remove drive letters, shrink or extend volumes, or attach virtual hard drives.

Windows supports quite a few ways to launch the Disk Management tool; the most convenient options in my opinion are the following two:

  1. Use Windows-R to open the runbox, type diskmgmt.msc and hit the Enter-key on the keyboard.
  2. Use the Windows-X menu and select Disk Management. (Windows 8 and newer only)

The Disk Management interface may take a moment to load. It lists all available volumes and disks in its interface on start, and you may interact with the volume listing or the visual representation of each disk.

I find it easier to work with the disk list in the lower half of the Disk Management interface, but any action available there is also available in the volume listing.

Disk Management lists disks, partitions, and drive letters. It is easy to spot partitions with drive letters and those without.

To interact with a partition right-click on it in the Disk Management interface.

disk management

A right-click displays the context menu. You may use it to execute all supported operations; select "change drive letter and paths..." in this case to remove the drive letter from the partition.

Disk Management lists assigned drive letters of the volume in a new window when you select the option. The interface lists options to add, change or remove the drive letter.

To remove it, select it and then the remove button to execute the action.

remove drive letter

Disk Management displays a warning prompt when you select remove:

Some programs that rely on drive letters might not run correctly. Are you sure you want to remove this drive letter?

Removal is not an issue if the volume is not used but it may cause issues if it is used by programs, for instance for data storage. Select yes to continue with the execution or no to cancel it.

Disk Management closes the prompt automatically and visualizes the change in its interface. If you selected remove, the drive letter should no longer be attached to the volume. The change is reflected in Explorer and other file browsers as well.

You may add drive letters to volumes using the same step by step guide. The only difference is that you need to select add and pick one of the available drive letters.

Removing drive letters using the command prompt

mountvol command prompt

You need elevated rights to remove a drive letter using the command prompt:

  1. Tap on the Windows-key to display the Start Menu.
  2. Type cmd.exe, hold down the Shift-key and Ctrl-key, and select the item from the list of results.
  3. Confirm the UAC prompt.

You can use the command mountvol to interact with volumes. A good starting point is the command mountvol /? which lists all supported parameters and all volumes similar to the listing that you get when you run the Disk Management interface.

Use the /D parameter to remove a drive letter from the selected volume. The command mountvol d: /D removes the drive letter from volume D:

Use the command mountvol d: VolumeName To reassign a drive letter. VolumeName begins with \\ and all available volumes are listed when you run mountvol /?.

Related articles

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post How to remove drive letters in Windows appeared first on gHacks Technology News.

Read more

Firefox 59.0 release overview

2018-03-13 08:33:21

Firefox 59.0 will be offered to the stable channel of the browser on March 13, 2018. It is the second major update after the release of Firefox 57.0 Quantum which introduced major changes across the board.

The release overview highlights all major and minor changes sorted into categories such as security or developer for easier accessibility.

All official channels are updated as well around the same time. Firefox Beta moves to Firefox 60, Firefox Nightly to 61, and Firefox ESR to 52.7.

Executive Summary

  • Firefox 59.0 features performance enhancements, new privacy settings.
  • Work on WebExtensions APIs continued.
  • Includes several security fixes.
  • Firefox ESR 60 will be released in May.

Firefox 59.0 download and update

firefox 59 stable

Firefox 59.0 is not yet available on Mozilla's website or through Firefox's automatic update system. Mozilla plans to release the update later today.

You can run a manual check for updates with a click on Menu > Help > About Firefox. This queries Mozilla's server and reveals if updates are available. You may use the menu to download and install the updates then.

Direct download links for Firefox installation files.

Firefox 59.0 Changes

Privacy improvements

firefox permissions privacy

Firefox 59.0 includes a number of privacy enhancements. Users can load about:preferences#privacy and scroll down to the permissions section on the page that opens to control Location, Camera, Microphone and Notifications permissions.

A click on the settings button lists websites that you have allowed to access the feature and removal options.

Each page includes an option to block website and service requests automatically for that particular feature.

Useful if you don't want sites to request the functionality or if you find the request prompts annoying. The options are not entirely new, but their placement in the Firefox preferences is.

You can check out our full overview of the options and the preference names here.

Firefox 59.0 includes other privacy enhancements. The browser strips the referer path in private browsing mode to block data leaks to third-party sites.

Basically, what it does is remove any data but the originating domain name from the referer.

Performance Gains

Work on improving the performance of the Firefox browser continued, and the developers managed to improve performance in Firefox 59.0 in several areas:

  • Firefox Home Page content should load faster now.
  • Faster page load times by loading content either from the user's hard drive or networked cache.
  • Graphics rendering improvements for Mac Firefox installations (Off-Main-Thread-Painting, introduced in Firefox 58 for Linux and Windows)

Other changes

  • Drag and drop Top Sites elements on Firefox's Home page and other customization options.
  • Ecosia search engine available as an option in the German Firefox, and Qwant search engine in the French Firefox.
  • Fix popup content on multi-monitor systems with different DPI settings.
  • The Screenshot tool that is built-in to Firefox has new online capabilities.
  • You can flip a switch to mark HTTP sites as insecure in Firefox.

Firefox 59.0 Issues

firefox accessibility

Firefox users on devices running Windows 7 may notice crashes if they use accessibility services. Mozilla investigates and suggests that users load about:preferences#privacy and check "Prevent accessibility services from accessing your browser" there to prevent the crashes until the issue is resolved.

Developer Changes

  • Cookie API supports first-party isolation mode and FPI cookies. Extensions can control cookie behavior.
  • Experimental Tab Hiding API is available.
  • Extensions can override proxy settings.
  • IndexDB use no longer impacted by cookie settings.
  • RTP Transceiver implemented to give "pages more fine grained control over calls".
  • Support for decentralization protocols dat://, dweb://, ipfs://, ipns:// and ssb://
  • Support for W3C specs for pointer events.
  • Theme API has new capabilities.
  • Web Developer Tools improvements: network monitor shows a preview of the rendered HTML if the response is a HTML, sameSite column in Storage Inspector for Cookies, and more.

Firefox 59.0 for Android

  • Mozilla added Firefox as an Assist App. Users on Android may long-tap the home button to start a search.
  • Firefox 59 for Android supports HTTP Live Streaming (HLS) playback. This improves compatibility with video sites.
  • Removed the about: page. Android users are asked to use the About Firefox dialog instead.

Security updates / fixes

  • Top level navigation to date:// URIs is blocked.
  • HTTP Auth dialogs can't be triggered by cross-origin images anymore.

Coming.

Outlook

The next Firefox release day is May 8, 2018. Firefox Stable will hit version 60 and Firefox ESR is moved from version 52.x to 60.0. The upgrade ends support for legacy add-ons in the browser as Firefox ESR 52.x is the last official version of Firefox that supports the legacy add-on system.

Additional information / sources

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Firefox 59.0 release overview appeared first on gHacks Technology News.

Read more