M
Maxo.K
Hi guys,
I have a problem with patching some security vulnerabilities in server 2016.
After internal security vulnerabilities scanning, the following vulnerabilities were found: CVE-2018-0886, CVE-2018-8588.
Server: Windows Server 2016 version 1607 (OS build 14393.2879) with all automatic updates applied, I have no any additional updates pending for days.
According to Microsoft, the following CVEs have the following KBs and patches:
CVE-2018-0886 | KB4103723
{{windowTitle}}
CVE-2018-8588 | KB4467691
{{windowTitle}}
I've tried to install the standalone updates suggested in the advisories above however, no luck with the installation. After trying cumulative and delta standalone updates I'm getting the same error "The update is not applicable to your computer."
I've deployed an additional 2016 server for the test, version 1607 (OS build 14393.2879), and got the same security scanning results and the same patching problem. All the scans were performed with Cronus Cybot.
Am I doing something wrong? Is there another way to patch those CVEs? Any other suggestions?
In case of false positive result, is there any Server 2016 oriented tool like MBSA for the internal check which could check if those vulnerabilities actually exist on that server?
Thank you in advance
Regards,
Max
Continue reading...
I have a problem with patching some security vulnerabilities in server 2016.
After internal security vulnerabilities scanning, the following vulnerabilities were found: CVE-2018-0886, CVE-2018-8588.
Server: Windows Server 2016 version 1607 (OS build 14393.2879) with all automatic updates applied, I have no any additional updates pending for days.
According to Microsoft, the following CVEs have the following KBs and patches:
CVE-2018-0886 | KB4103723
{{windowTitle}}
CVE-2018-8588 | KB4467691
{{windowTitle}}
I've tried to install the standalone updates suggested in the advisories above however, no luck with the installation. After trying cumulative and delta standalone updates I'm getting the same error "The update is not applicable to your computer."
I've deployed an additional 2016 server for the test, version 1607 (OS build 14393.2879), and got the same security scanning results and the same patching problem. All the scans were performed with Cronus Cybot.
Am I doing something wrong? Is there another way to patch those CVEs? Any other suggestions?
In case of false positive result, is there any Server 2016 oriented tool like MBSA for the internal check which could check if those vulnerabilities actually exist on that server?
Thank you in advance
Regards,
Max
Continue reading...