MS Sec Notification mailing list archives

Microsoft Security Bulletin Releases

From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Wed, 12 Apr 2017 16:30:05 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This mailer has been re-released with an updated PGP signature.
********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: April 11, 2017
********************************************************************

Summary
=======

The following bulletins have undergone a major revision increment. 

* MS16-037 - Critical
* MS17-013 - Critical
* MS17-014 - Important
* MS17-021 - Important

* MS16-APR
* MS17-MAR


Bulletin Information:
=====================

MS16-037

 - Title: Cumulative Security Update for Internet Explorer (3148531)
 - https://technet.microsoft.com/library/security/ms16-037.aspx
 - Reason for Revision: Bulletin revised to announce the release
   of a new Internet Explorer cumulative update (4014661) for
   CVE-2016-0162. The update adds to the original release to
   comprehensively address CVE-2016-0162. Microsoft recommends that
   customers running the affected software install the security
   update to be fully protected from the vulnerability described
   in this bulletin. See Microsoft Knowledge Base Article 4014661
   for more information.
 - Originally posted: April 12, 2016   
 - Updated: April 11, 2017
 - Bulletin Severity Rating: Critical
 - Version: 2.0
 
MS17-013

 - Title: Security Update for Microsoft Graphics Component (4013075)
 - https://technet.microsoft.com/library/security/ms17-013.aspx
 - Reason for Revision: Bulletin revised to announce the release of
   update 4017018 for Windows Vista and Windows Server 2008. The
   update replaces update 4012583 for CVE-2017-0038 only, to
   comprehensively address the vulnerability. Microsoft recommends
   that customers running the affected software install the security
   update to be fully protected from the vulnerability described in
   this bulletin. See Microsoft Knowledge Base Article 4017018 for
   more information.
 - Originally posted: March 14, 2017   
 - Updated: April 11, 2017
 - Bulletin Severity Rating: Critical
 - Version: 2.0 

MS17-014

 - Title: Security Update for Microsoft Office (4013241)
 - https://technet.microsoft.com/library/security/ms17-014.aspx
 - Reason for Revision: To comprehensively address CVE-2017-0027 for
   Office for Mac 2011 only, Microsoft is releasing security update
   3212218. Microsoft recommends that customers running Office for
   Mac 2011 install update 3212218 to be fully protected from this
   vulnerability. See Microsoft Knowledge Base Article 3212218 for
   more information.
 - Originally posted: March 14, 2017   
 - Updated: April 11, 2017
 - Bulletin Severity Rating: Important
 - Version: 2.0

MS17-021

 - Title: Security Update for Windows DirectShow (4010318)
 - https://technet.microsoft.com/library/security/ms17-021.aspx
 - Reason for Revision: Bulletin revised to announce that the security
   updates that apply to CVE-2017-0042 for Windows Server 2012 are now
   available. Customers running Windows Server 2012 should install
   update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be
   fully protected from this vulnerability. Customers running other
   versions of Microsoft Windows do not need to take any further
   action.
 - Originally posted: March 14, 2017   
 - Updated: April 11, 2017
 - Bulletin Severity Rating: Important
 - Version: 2.0

MS16-APR

 - Title: Microsoft Security Bulletin Summary for April 2016 
 - https://technet.microsoft.com/library/security/ms16-apr.aspx
 - Reason for Revision: V3.0 (April 11, 2016): For MS16-037,
   Bulletin Summary revised to announce the release of a new
   Internet Explorer cumulative update (4014661) for CVE-2016-0162.
   The update adds to the original release to comprehensively address
   CVE-2016-0162. Microsoft recommends that customers running the
   affected software install the security update to be fully protected
   from the vulnerability described in this bulletin. See Microsoft
   Knowledge Base Article 4014661 for more information.
 - Originally posted: April 12, 2016
 - Updated: April 11, 2016
 - Bulletin Severity Rating: Not applicable
 - Version: 3.0

MS17-MAR

 - Title: Microsoft Security Bulletin Summary for March 2017 
 - https://technet.microsoft.com/library/security/ms17-mar.aspx
 - Reason for Revision: V2.0 (April 11, 2016): For MS17-013,
   Bulletin Summary revised to announce the release of update 4017018
   for Windows Vista and Windows Server 2008. The update replaces
   update 4012583 for CVE-2017-0038 only, to comprehensively address
   the vulnerability. Microsoft recommends that customers running the
   affected software install the security update to be fully protected
   from the vulnerability described in this bulletin. See Microsoft
   Knowledge Base Article 4017018 for more information.

   For MS17-014, to comprehensively address CVE-2017-0027 for Office for
   Mac 2011 only, Microsoft is releasing security update 3212218.
   Microsoft recommends that customers running Office for Mac 2011
   install update 3212218 to be fully protected from this vulnerability.
   See Microsoft Knowledge Base Article 3212218 for more information.

   For MS17-021, security updates that apply to CVE-2017-0042 for
   Windows Server 2012 are now available. Customers running Windows Server
2012
   should install update 4015548 (Security Only) or 4015551 (Monthly
Rollup)
   to be fully protected from this vulnerability. Customers running other
   versions of Microsoft Windows do not need to take any further action.
 - Originally posted: March 14, 2017
 - Updated: April 11, 2016
 - Bulletin Severity Rating: Not applicable
 - Version: 2.0


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youâve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBWO6k9/sCXwi14Wq8AQgHSRAAk4QzXesgIO3EVxJS6qL5paGOGZVSgLas
6TqLvDNB0sdJti9/D4YceeDUOhfXzF3cwX0RqgTWSZII6yq5F3om+7AEVIFWT2Bl
CZEJNPHfD10e2yWJrE+Q77WUfKu8e4OElLRa70C0bb5YyQSNQOPy+NKuLnR38LKz
me/17dYghI6h23bAg807JrSL6/A2R4A7GBmPHRo2G4yfOPsBwwyCA1CGivEkcOeU
+0ixhXRYUA2nDLtktGJ7SUvTAEKQO2niq5agyUPKyZZ75OqG0pgPgUM7Vpsg1bWQ
T+yC9mxnGKtaAD5PTeFD59C39Afiwt//Cmmhvm+c/4JQmvg3hTWg5v5JuzGQ6GGZ
/QRDQ/LAKu9c4I1j3hSxVtJrMD8Zmt4QzEeLb8lW/GuoU5IJtDddjQwVHS/TWPbI
6AG6c6trtcIl3HDoeiRvvj0yvy8GcpVs36GT7PbIrxemwwoQjuXRQTwpKKYkZRZh
etWafperEYu1GDKqJ11QMQZA5/VByvuJp1cQX1E7wYE5JrTSEIr3z6mzn8zzB0Ji
Y0KfsOzRzcRSCpg1OHZ9O4VJRpGFkRpl774lcUHCRSkUgshFjdoZ4uYe91TAAB71
9iHJAFXSkqReaTpzE7qct1goY0pFmEJJbaxPMihaT08VKb9OVCUgZuZH02ZNMnn0
AQpdD20P02c=
=+3wb
-----END PGP SIGNATURE-----
Current thread:

Microsoft Security Bulletin Releases Microsoft (Apr 11)
- <Possible follow-ups>
- Microsoft Security Bulletin Releases Microsoft (Apr 12)