Microsoft Internet Explorer Vulnerability - CVE-2018-8653

Follow

Microsoft just released a security update for Internet Explorer after receiving a report from Google about a new vulnerability being used in targeted attacks.  Automox can help you automatically secure your systems against this vulnerability.

Below is a compiled list of KB articles that are needed depending on which Windows versions you currently use:

Platform

Article

Severity

Windows Server 2012

4483187

Moderate

Windows 10 Version 1703 for 32-bit Systems

4483230

Critical

Windows 10 Version 1703 for x64-based Systems

4483230

Critical

Windows 10 Version 1803 for 32-bit Systems

4483234

Critical

Windows 10 Version 1803 for x64-based Systems

4483234

Critical

Windows 10 Version 1803 for ARM64-based Systems

4483234

Critical

Windows 10 Version 1809 for 32-bit Systems

4483235

Critical

Windows 10 Version 1809 for x64-based Systems

4483235

Critical

Windows 10 Version 1809 for ARM64-based Systems

4483235

Critical

Windows Server 2019

4483235

Moderate

Windows 10 Version 1709 for 32-bit Systems

4483232

Critical

Windows 10 Version 1709 for 64-based Systems

4483232

Critical

Windows 10 Version 1709 for ARM64-based Systems

4483232

Critical

Windows 10 for 32-bit Systems

4483228

Critical

Windows 10 for x64-based Systems

4483228

Critical

Windows 10 Version 1607 for 32-bit Systems

4483229

Critical

Windows 10 Version 1607 for x64-based Systems

4483229

Critical

Windows Server 2016

4483229

Moderate

Windows 7 for 32-bit Systems Service Pack 1

4483187

Critical

Windows 7 for x64-based Systems Service Pack 1

4483187

Critical

Windows 8.1 for 32-bit systems

4483187

Critical

Windows 8.1 for x64-based systems

4483187

Critical

Windows RT 8.1

4483187

Critical

Windows Server 2008 R2 for x64-based Systems Service Pack 1

4483187

Moderate

Windows Server 2012 R2

4483187

Moderate

Windows Server 2008 for 32-bit Systems Service Pack 2

4483187

Moderate

Windows Server 2008 for x64-based Systems Service Pack 2

4483187

Moderate

 

To apply these patches immediately on your devices using Automox, follow the instructions outlined below:

 

Update from the Software Page

 

  1. Navigate to the software page in the Automox console.
  2. Search for your applicable KB numbers.  From the Actions drop-down select Patch Now
  • NOTE: Since this update method is outside of Patch Policy rules, end-users will not receive notifications if done using these steps.  It will push the update installation to the devices and force reboots without users having the option to defer.
  • NOTE: All devices that are currently offline will attempt to apply the patch the next time they come online

 

  • Click Continue to apply software



  • You will then see the update successfully queued




  • Patch remediation will begin immediately on all devices that have this patch
  • To see all devices that need to the patch applied, click on the number under "Endpoints Awaiting"

 

 

Update Via Policy

Another method that isn’t as immediate but would allow users to receive notification with deferral options is to use a Patch Only policy.

This set to include your applicable KBs with a scheduled time in the near future.

In the configuration shown below, the policy will patch any of the applicable KBs to all devices in the associated groups at the scheduled time with a 15 minute notification window, allowing your users to defer the patching for a time. Note that you can turn off Automatic Reboot if you want to allow users to reboot on their own. The policy can also be run instantly from the System Management page. Once this is configured, apply the policy to any and all groups you want to apply this to and allow it to run as scheduled:

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.