Portal for ArcGIS Critical Security Patch - Elevation of Privilege Vulnerability

12-13-2018 10:49 AM
PeterBuwembo
Esri Contributor

A new security patch for Portal for ArcGIS is out. The patch is available for versions of Portal 10.6.1, 10.5.1, 10.4.1, and 10.3.1 and is a cumulative security patch for all issues available for the Portal version. Check out the new blog post by Michael Young below for details: Portal for ArcGIS Critical Security Patch - Elevation of Privilege Vulnerability

Recommendation: 

Everyone should install this patch.

Pete

5 Comments
BillFox
MVP Frequent Contributor

That patch does not show up in the Portal 10.5 "Check for Updates" tool

RandallWilliams
Esri Regular Contributor

Hi Bill,

There are two patches - one's a cumulative patch for 10.3.1, 10.4.1, 10.5.1 and 10.6.1 - referred to as the "Portal for ArcGIS Security 2018 Update 3" patch. This patch contains the critical privilege escalation patch plus patches for other medium priority issues. 

For 10.3, 10.4, 10.5, and 10.6, we've released a stand-alone patch that only addresses the critical issue described as:

  • BUG-000117564 - Privilege escalation vulnerability

This patch is titled "Portal for ArcGIS Privilege Escalation Security Patch".

For 10.5.0, you should see "Portal for ArcGIS Privilege Escalation Security Patch".

The recommendation is to move to the "dot" minor version and install the full Update 3 patch. If that's not possible, due to the critical nature of the issue addressed, we took the step to provide a stand-alone patch for this issue at the current major releases as well.

I don't have a 10.5.0 machine handy, but I'm curious to see if you see "Portal for ArcGIS Privilege Escalation Security Patch" in patchfinder. I do see the "Portal for ArcGIS Security 2018 Update 3" patch in the 10.5.1 patchfinder.

George_Thompson
Esri Frequent Contributor

BillFox
MVP Frequent Contributor

Thank you Randall,

I still did not see either patch offered in the check for updates tool.

I manually checked the Esri downloads web page and found the specific patch for 10.5.0 as you mentioned.

It installed in about five minutes and I went ahead and rebooted that server.

-Bill

BillFox
MVP Frequent Contributor

Randall,

While looking for this fix I was confused thinking this is the TLS issue too and noticed the TLS patch for ArcGIS Desktop 10.6.1 is out now.

So, I applied it on an ArcMap 10.6.1 Windows 10 desktop and can now see content again from my 10.5.0 Portal.

Users were having to stick with Desktop 10.6.0.

Can you please clarify this a little bit?

Randall Williams

-Bill