Overview
Changes to expect in the Ivanti Content:
- With the Ivanti Content release on 04/25/2018, we will be removing detection only patches for machines that do not have the AV registry entry as per the Microsoft article above and will be offering the patches in this document to applicable machines.
We highly suggest all customers review these issues here: https://support.microsoft.com/en-us/help/4072699
Quote:We are lifting the AV compatibility check for Windows security updates for supported Windows 7 SP1 and Windows 8.1 devices via Windows Update. We continue to require that AV software be compatible, and in cases where there are known issues of AV driver compatibility, we will block those devices from updates to avoid any issues. We recommend customers check with their AV provider on compatibility of their installed AV software product.
Affected patches:
- MS18-01-IE Q4056568 - Cumulative Updates for Internet Explorer
- MS18-01-SO7 Q4056897 - Security Only Update for Windows 7 and Server 2008 R2
- MS18-01-SO81 Q4056898 - Security Only Update for Windows 8.1 and 2012 R2
- MS18-01-MR7 Q4056894 - Monthly Rollup for Windows 7: January 4, 2018
- MS18-01-MR81 Q4056895 - Monthly Rollup for Windows 8.1 and 2012 R2: January 8, 2018
- MS18-01-W10 Q4056888, Q4056890, Q4056891, Q4056892, Q4056893 - Cumulative Update for Windows 10 and Server 2016
- MS18-02-IE Q4074736 - Cumulative security update for Internet Explorer: February 13, 2018
- MS18-02-SO7 Q4074587 - Security Only Update for Windows 7 and 2008 R2: February 13, 2018
- MS18-02-SO81 Q4074597 - Security Only Update for Windows 8.1 and 2012 R2: February 13, 2018
- MS18-02-MR7 Q4074598 - Monthly Rollup for Windows 7: February 13, 2018
- MS18-02-MR81 Q4074594 - Monthly Rollup for Windows 8.1 and 2012 R2: February 13, 2018
- MS18-02-W10 Q4074588, Q4074592, Q4074596, Q4074590, Q4074591 - Cumulative Update for Windows 10 and Windows Server 2016
Affected CVEs:
- CVE-2017-5753
- CVE-2017-5715
- CVE-2017-5754
Link to Security bulletin advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Additional Information
How to scan for specific patches: How To: Include or Exclude Specific Patches in Scan Results in Shavlik Protect
How to deploy these patches: How To: Deploy Windows Security OOB updates released January and February 2018
How to add the registry using Security Tool IVA18-002 Q4072699: Security Tool: Implement the QualityCompat registry key that enables Windows security updates released on January 3, 2018
Affected Products
Ivanti Patch for Windows Servers 9.3.x
Shavlik Protect 9.2.x