Microsoft Releases November Updates

Last Updated: 11/15/2018

Security Notice Level

SEVERE

Microsoft has released the November updates to their software. Some of these updates address vulnerabilities that may allow a remote attacker to take control of a system.

Affected Software

The IT Security Office advises owners of the software listed below to update as soon as possible.

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ChakraCore
  • .NET Core
  • Skype for Business
  • Azure App Service on Azure Stack
  • Team Foundation Server
  • Microsoft Dynamics 365 (on-premises) version 8
  • PowerShell Core
  • Microsoft.PowerShell.Archive 1.2.2.0

Security Bulletin Name

Release Notes: November 2018 Security Updates

Additional Information

Additional information about these vulnerabilities can be viewed at:

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ff746aa5-06a0-e811-a978-000d3a33c573

If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or help@colorado.edu. IT Service Center Hours: https://oit.colorado.edu/support/it-service-center

Definitions for this notice:
Urgent: severity represents a broad threat to the entire campus community including remotely exploitable administrator or root type attacks.
Severe: severity includes worms & web or email based exploits. 
Important: severity includes viruses and local exploits for commonly used services.