MS Sec Notification mailing list archives

Microsoft Security Update Minor Revisions

From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Thu, 19 Oct 2017 10:51:11 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 18, 2017
********************************************************************

Summary
=======

The following advisory and CVE have been revised in the October 2017 
Security Updates. 

* ADV170012
* CVE-2017-13080


Revision Information:
=====================

ADV170012

 - Title: ADV170012 | Vulnerability in TPM could allow Security
   Feature Bypass
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reasons for Revision: The following revisions added under Step 4: 
   Apply applicable firmware updates are informational only: * Added list 
   of affected Microsoft Surface devices. * Added link for Acer to the 
   table of OEM information.
 - Originally posted: October 10, 2017  
 - Updated: October 18, 2017
 - CVE Severity Rating: Critical
 - Version: 1.4

CVE-2017-13080

 - Title: CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reasons for Revision: Corrected FAQ 4 to clarify that the security 
   updates released on October 10 fully address CVE-2017-13080.
 - Originally posted: October 10, 2017  
 - Updated: October 18, 2017
 - CVE Severity Rating: Important
 - Version: 1.2


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youâve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com
Charset: utf-8

wsFVAwUBWefdvPsCXwi14Wq8AQiuVhAApsH+Wdeo7xcIMC4PtXJ7sq3pjYs/TEUF
uDOE+9lFSlR6WCO5hQxIB6J6CqvoGQe9EzDI46j8KhcTkpFaYonybzWaArfcBNWc
NuMiV/1P7JpDgi/Ysnlp/mvK1pgrXjrQj4mdKxrSpQm8LMHFc5rHuz/PiTnK4eCa
86/fr9cywurkLJfrTpzSBEREeczs4aPJoQGULuorvRhhxVZaHjIHKfzOpIPLOPPs
sC36tmIAMFwQusdD6+JpSTn3hDyoGEO8jBmTYyEb5ubrTHtnnpMhDa5DFjdex5yu
f+Hi/j9JKZrdfIWW1gKubs9sjNmt/4v8Kqs/STlOCNG4UcbSU2QhDxv+zsr6OeDo
2WzAekj/7hojuncoL2MqK7Whm9CILjDAZedfTWOQruYf2z7h9NV3gaCA5qI1OiqA
5SMolK7C1xGr53NqulPGxbTVE3j6jK/8F07lpsm/SZIWwr+i2rWF7omSVjUjXbzm
BOktH/9WTPfd0EjZ0OBk46o7Zx8eAf7XUpGuRwZUrP0oCkuuDhHWvLv3uCVRWiQD
faocQw5lgJWPo3ddvVY3BkDxgGLwsAADOLO1ppkRCFgJzR1ZwM+MRY6eCSN0oJ0N
2wImseS1Saas9g5z+pM3VIudyualRMa5Nm/YikKdB1Ab7rY4zmBmXO32Tcyz3d/y
K2ODm4JNRz8=
=3qws
-----END PGP SIGNATURE-----

Current thread:

Microsoft Security Update Minor Revisions Microsoft (Oct 11)
- <Possible follow-ups>
- Microsoft Security Update Minor Revisions Microsoft (Oct 16)
- Microsoft Security Update Minor Revisions Microsoft (Oct 17)
- Microsoft Security Update Minor Revisions Microsoft (Oct 19)
- Microsoft Security Update Minor Revisions Microsoft (Oct 20)
- Microsoft Security Update Minor Revisions Microsoft (Oct 26)
- Microsoft Security Update Minor Revisions Microsoft (Nov 01)
- Microsoft Security Update Minor Revisions Microsoft (Nov 22)
- Microsoft Security Update Minor Revisions Microsoft (Nov 28)
- Microsoft Security Update Minor Revisions Microsoft (Dec 01)