As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.

Run all software with the least privileges required while still maintaining functionality.

Avoid handling files from unknown or questionable sources.

Never visit sites of unknown or questionable integrity.

Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the September 2018 releases can be found here:

https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer

Microsoft Edge

Microsoft Office

.NET Framework

Microsoft Windows

Device Guard Code

Hyper-V

JET Database Engine

Azure IoT SDK

Lync for Mac

ChakraCore



The following is a breakdown of the issues being addressed this month:

More information is available on Symantec's free Security Center portal and to our customers through the DeepSight Threat Management System.