web analytics

Microsoft Security Update Minor Revisions Issued: June 21, 2017

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

 

********************************************************************

Title: Microsoft Security Update Minor Revisions

Issued: June 21, 2017

********************************************************************

 

Summary

=======

 

 The following CVEs have been added to June 2017 security release.

 

* CVE-2017-8575  

* CVE-2017-8576

* CVE-2017-8579

 

Revision Information:

=====================

 

 – CVE-2017-8575 | Microsoft Graphics Component Information

   Disclosure Vulnerability

 

 – CVE-2017-8576 | Microsoft Graphics Component Elevation of

   Privilege Vulnerability

 

 – CVE-2017-8579 | DirectX Elevation of Privilege Vulnerability

 

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Version: 1.0

 – Reason for Revision: Information published.

 – Originally posted: June 19, 2017

 – Aggregate CVE Severity Rating: Important

 

 

Summary

=======

 

The following CVEs have been revised in the June 2017 Security Updates.

 

* CVE-2017-0228

* CVE-2017-0292

* CVE-2017-8509

 

Revision Information:

=====================

 

CVE-2017-0228

 

 – Title: CVE-2017-0228 | Scripting Engine Memory Corruption

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Revised Affected Products table to include

   Microsoft Edge on Windows 10,  Windows 10 Version 1511, Windows 10

   Version 1607, and Windows 10 Version 1703 because these products

   are affected by this CVE. This is an informational change only.

 – Originally posted: June 21, 2017

 – CVE Severity Rating: Critical

 – Version: 1.1

 

CVE-2017-0292

 

 – Title: CVE-2017-0292 | Windows PDF Remote Code Execution

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Corrected the updates replaced for

   Microsoft Word 2013 Service Pack 1 and Microsoft Word 2016. This

   is an informational change only. Customers who have already

   successfully installed the updates do not need to take any action.

 – Originally posted: June 21, 2017

 – CVE Severity Rating: Critical

 – Version: 1.1

 

CVE-2017-8509

 

 – Title: CVE-2017-8509 | Microsoft Office Remote Code Execution

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: In the Affected Products table corrected the

   updates replaced for Microsoft Word 2013 Service Pack 1 and Microsoft

   Word 2016. In addition, corrected the affected software for security

   update 3191908 from OneNote 2010 to Office 2010. These are

   informational changes only. Customers who have already successfully

   installed the updates do not need to take any action.

 – Originally posted: June 21, 2017

 – CVE Severity Rating: Critical

 – Version: 1.1

 

 

Other Information

=================

 

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico