MS Sec Notification mailing list archives
The following CVEs have been revised in the September 2017 Security Updates.
From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Tue, 12 Sep 2017 15:45:31 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ******************************************************************** Title: Microsoft Security Update Minor Revisions Issued: September 12, 2017 ******************************************************************** Summary ======= The following CVEs have been revised in the September 2017 Security Updates. * CVE-2017-8686 * CVE-2017-8707 * CVE-2017-8708 * CVE-2017-8710 * CVE-2017-8714 * CVE-2017-8750 * CVE-2017-8759 Revision Information: ===================== CVE-2017-8686 - Title: CVE-2017-8686| Windows DHCP Server Remote Code Execution Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Added a mitigation stating that customers who have not configured their DHCP server as a failover are not affected by this vulnerability. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Critical - Version: 1.1 CVE-2017-8707 - Title: CVE-2017-8707 | Hyper-V Information Disclosure Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Added Windows Server 2012 and Windows Server 2012 (Server Core Installation) as affected by CVE-2017-8707. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Important - Version: 1.1 CVE-2017-8708 - Title: CVE-2017-8708 | Windows Kernel Information Disclosure Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Updated acknowledgment. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Important - Version: 1.1 CVE-2017-8710 - Title: CVE-2017-8710 | Windows Information Disclosure Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Corrected the affected Windows component in the CVE description. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Important - Version: 1.1 CVE-2017-8714 - Title: CVE-2017-8714 | Remote Desktop Virtual Host Remote Code Execution Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Removed Windows 10 for x64-based Systems as affected by CVE-2017-8714. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Important - Version: 1.1 CVE-2017-8750 - Title: CVE-2017-8750 | Microsoft Browser Memory Corruption Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Updated acknowledgment. This is an informational change only. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Critical - Version: 1.1 CVE-2017-8759 - Title: CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Corrected Product versions and supersedence entries in the Affected Products table, corrected .NET versions in the table in the FAQ, and updated the acknowledgment. These are informational changes only. Customers who have already successfully installed the updates do not need to take any further action. - Originally posted: September 12, 2017 - Updated: September 12, 2017 - CVE Severity Rating: Important - Version: 1.1 Other Information ================= Recognize and avoid fraudulent email to Microsoft customers: ============================================================= If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email. The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at <https://technet.microsoft.com/security/dn753714>. ******************************************************************** THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. ******************************************************************** Microsoft respects your privacy. Please read our online Privacy Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>. If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: <https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>. These settings will not affect any newsletters youâve requested or any mandatory service communications that are considered part of certain Microsoft services. For legal Information, see: <http://www.microsoft.com/info/legalinfo/default.mspx>. This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052 -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsFVAwUBWbhTd/sCXwi14Wq8AQjIog/9HQlFVF8ddfgm8PrH0MpTFQbA4/lwmQuW oSBLBy1C9u0UDtiSxvn8nnAHveTx9E7gXUcbsiDW9ZDx2ml93f4WfRbAS/+Upy2T Wp5aENvt1q1VWZTa/HAwm8xjQF450rTYjrKntB+QnTXQMnjnCGI+1xPu+6/Xa4Lr dYJqA8K9Y1RT6uvG37chveAlLzbbJzXxp6iCjlJ/I1h30HJ5c5pq1PWGTbEwK9Pp B2bYscVgqFbtNsF4nkUt4VJSyn58yapT7n4OW6gj34s15ZaX0cGji/2vx23yZRSW a45/gM814IrqnIlLPkDFnn6ofoKb6HoSZgjF6mE7AhExT7eAm+EAwsUF/iXIeD/w oY2Aj2N3pcHNXOiTsUyuHA/12eB9gvpCUnYwlhv0ydfX53di0SYt8lQgS7fJuaoD 14iXVil6+mdBGzxUz8JbEiyxtjtY7B7C8EbxbQEuMma+ULgVgIKN+TMJeSqXxOve tj7sHuyeJrD7xZAmYp3roKgZpM4VsuhQTTxApaevHLE+O2A8k4qOWDf52AfLANlY FI6XsviPoQrs9zRAoFO4VL4s7dV7s1wVGbwOv19L+0JOaaWHkoxV6a9sS2v5arCF M26jEB6/40ghI6SR2CrizexNVZQHtvlCHDzWAzpMk7vw/sX5aARArB7fyzEBaOLP LRxpnZu7bRY= =HO+9 -----END PGP SIGNATURE-----
Current thread:
- The following CVEs have been revised in the September 2017 Security Updates. Microsoft (Sep 12)