—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: September 12, 2017
********************************************************************
Summary
=======
The following CVEs have been revised in the September 2017 Security Updates.
* CVE-2017-8686
* CVE-2017-8707
* CVE-2017-8708
* CVE-2017-8710
* CVE-2017-8714
* CVE-2017-8750
* CVE-2017-8759
Revision Information:
=====================
CVE-2017-8686
– Title: CVE-2017-8686| Windows DHCP Server Remote Code Execution
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Added a mitigation stating that customers
who have not configured their DHCP server as a failover are not
affected by this vulnerability. This is an informational change
only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Critical
– Version: 1.1
CVE-2017-8707
– Title: CVE-2017-8707 | Hyper-V Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Added Windows Server 2012 and Windows Server
2012 (Server Core Installation) as affected by CVE-2017-8707.
This is an informational change only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Important
– Version: 1.1
CVE-2017-8708
– Title: CVE-2017-8708 | Windows Kernel Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Updated acknowledgment. This is an
informational change only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Important
– Version: 1.1
CVE-2017-8710
– Title: CVE-2017-8710 | Windows Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Corrected the affected Windows component
in the CVE description. This is an informational change only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Important
– Version: 1.1
CVE-2017-8714
– Title: CVE-2017-8714 | Remote Desktop Virtual Host Remote Code
Execution Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Removed Windows 10 for x64-based Systems as
affected by CVE-2017-8714. This is an informational change only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Important
– Version: 1.1
CVE-2017-8750
– Title: CVE-2017-8750 | Microsoft Browser Memory Corruption
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Updated acknowledgment. This is an
informational change only.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Critical
– Version: 1.1
CVE-2017-8759
– Title: CVE-2017-8759 | .NET Framework Remote Code Execution
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Corrected Product versions and
supersedence entries in the Affected Products table, corrected
.NET versions in the table in the FAQ, and updated the
acknowledgment. These are informational changes only.
Customers who have already successfully installed the updates
do not need to take any further action.
– Originally posted: September 12, 2017
– Updated: September 12, 2017
– CVE Severity Rating: Important
– Version: 1.1
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
Take a look at the best antivirus, anti-malware, anti-spy, etc. software
Powered by WPeMatico