web analytics

Microsoft Security Update Minor Revisions Issued: September 12, 2017

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

 

********************************************************************

Title: Microsoft Security Update Minor Revisions

Issued: September 12, 2017

********************************************************************

 

Summary

=======

 

The following CVEs have been revised in the September 2017 Security Updates.

 

* CVE-2017-8686

* CVE-2017-8707

* CVE-2017-8708

* CVE-2017-8710

* CVE-2017-8714

* CVE-2017-8750

* CVE-2017-8759

 

 

Revision Information:

=====================

 

CVE-2017-8686

 

 – Title: CVE-2017-8686| Windows DHCP Server Remote Code Execution

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Added a mitigation stating that customers

   who have not configured their DHCP server as a failover are not

   affected by this vulnerability. This is an informational change

   only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Critical

 – Version: 1.1

 

CVE-2017-8707

 

 – Title: CVE-2017-8707 | Hyper-V Information Disclosure

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Added Windows Server 2012 and Windows Server

   2012 (Server Core Installation) as affected by CVE-2017-8707.

   This is an informational change only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Important

 – Version: 1.1

 

CVE-2017-8708

 

 – Title: CVE-2017-8708 | Windows Kernel Information Disclosure

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Updated acknowledgment. This is an

   informational change only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Important

 – Version: 1.1

 

CVE-2017-8710

 

 – Title: CVE-2017-8710 | Windows Information Disclosure

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Corrected the affected Windows component

   in the CVE description. This is an informational change only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Important

 – Version: 1.1

 

CVE-2017-8714

 

 – Title: CVE-2017-8714 | Remote Desktop Virtual Host Remote Code

   Execution Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Removed Windows 10 for x64-based Systems as

   affected by CVE-2017-8714. This is an informational change only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Important

 – Version: 1.1

 

CVE-2017-8750

 

 – Title: CVE-2017-8750 | Microsoft Browser Memory Corruption

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Updated acknowledgment. This is an

   informational change only.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Critical

 – Version: 1.1

 

CVE-2017-8759

 

 – Title: CVE-2017-8759 | .NET Framework Remote Code Execution

   Vulnerability

 – https://portal.msrc.microsoft.com/en-us/security-guidance

 – Reason for Revision: Corrected Product versions and

   supersedence entries in the Affected Products table, corrected

   .NET versions in the table in the FAQ, and updated the

   acknowledgment. These are informational changes only.

   Customers who have already successfully installed the updates

   do not need to take any further action.

 – Originally posted: September 12, 2017

 – Updated: September 12, 2017

 – CVE Severity Rating: Important

 – Version: 1.1

 

Other Information

=================

 

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico