Microsoft’s April 2018 Patch Tuesday came and went this week and the company issued its regular monthly software patches to fix various vulnerabilities. Patch Tuesday is the unofficial nickname of the second or third Tuesday of each month. This is when Microsoft rolls out bug fixes and security patches for its line of software products like Windows and Microsoft Office. Although it’s prudent to keep your machines up to date with the latest patches, we’ve been warning you about the recent string of problematic Windows updates this year. For example, the January and March updates brought unforeseen issues that forced Microsoft to issue emergency out-of-band patches to rectify the bugs. We can’t blame you if you want to wait it out and delay, postpone or defer your Windows updates until it’s known that any lingering system-breaking bugs are squashed. Obviously, you don’t want an unbootable system on your hands due to an unstable update. That will be disastrous.
However, it’s still important to know what critical and important fixes are included in each update. For example, it looks like April’s Patch Tuesday doesn’t include any fixes for Intel’s Spectre and Meltdown chip flaws (there’s one for AMD chips though). That’s an important footnote since this year’s system breaking patches were caused by the attempts to mitigate those flaws, anyway. What this month’s updates do contain are 65 security patches, including 24 that are rated critical.
The following are some of the patches the should be installed ASAP:
- (CVE-2018-1034) that addresses an already known elevation of privilege bug in SharePoint
- (CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016) addresses serious remote code execution bugs in the graphics component of Windows
- (CVE-2018-0920) addresses remote execution in Excel
- (CVE-2018-1004) address remote execution in VBScript
- (CVE-2018-8117) addresses security issues for the Microsoft Wireless 850 Keyboard
- (KB4093112) addresses issues for computers with ADM processors
- Adobe Flash player updates (version 188.8.131.52)
- Fixes for Microsoft’s Internet Explorer and Edge browsers