MS Sec Notification mailing list archives

Microsoft Security Update Releases

From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Thu, 18 Jan 2018 20:43:18 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Releases
Issued: January 18, 2018
********************************************************************

Summary
=======

The following advisory has undergone major revision increments:

* ADV180002

  
Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 7.0
 - Reason for Revision: On January 5, 2018, Microsoft re-released 
   KB4056898 (Security Only) for Windows 8.1 and Windows Server 
   2012 R2 to address a known issue. Customers who have installed 
   the original package on 1/3/2018 should reinstall the update.
 - Originally posted: January 3, 2018
 - Updated: January 18, 2018
 - Aggregate CVE Severity Rating: N/A

- - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 8.0
 - Reason for Revision: Microsoft has released security update 
   4073291 to provide additional protections for the 32-bit (x86) 
   version of Windows 10 Version 1709 related to CVE 2017-5754 
   (âMeltdownâ). Microsoft recommends that customers running 
   Windows 10 Version 1709 for 32-bit systems install the update 
   as soon as possible. Microsoft continues to work to provide 
   32-bit (x86) protections for other supported Windows versions
   but does not have a release schedule at this time. The update
   is currently available via the Microsoft Update Catalog only, 
   and will be included in subsequent updates. This update does
   not apply to x64 (64-bit) systems.
 - Originally posted: January 3, 2018
 - Updated: January 18, 2018
 - Aggregate CVE Severity Rating: N/A


The following CVEs have undergone a major revision increment:

* CVE-2018-0764
* CVE-2018-0786
  
Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 2.0
 - Reason for Revision: To address a regression issue after 
   installing security update 4055002, Microsoft has released 
   security update 4074880 for Microsoft .NET 4.6/4.6.1/4.6.2/
   4.7/4.7.1 installed on supported editions of Windows 7 and 
   Windows Server 2008 R2. Customers who have already installed
   KB4055002 should install KB4074880 to be protected from this 
   vulnerability.
 - Originally posted: January 9, 2018
 - Updated: January 18, 2018
 - Aggregate CVE Severity Rating: Important


The following CVEs have undergone a major revision increment:

* CVE-2018-0744         * CVE-2018-0752
* CVE-2018-0746         * CVE-2018-0753
* CVE-2018-0748         * CVE-2018-0754
* CVE-2018-0749         * CVE-2018-0788
* CVE-2018-0751
  
Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 3.0
 - Reason for Revision: On January 5, 2018, Microsoft re-released 
   KB4056898 (Security Only) for Windows 8.1 and Windows Server 
   2012 R2 to address a known issue. Customers who have installed 
   the original package on 1/3/2018 should reinstall the update.
 - Originally posted: January 3, 2018
 - Updated: January 18, 2018
 - Aggregate CVE Severity Rating: Important


The following CVE has undergone a major revision increment:

* CVE-2018-0747

Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 4.0
 - Reason for Revision: On January 5, 2018, Microsoft re-released 
   KB4056898 (Security Only) for Windows 8.1 and Windows Server 
   2012 R2 to address a known issue. Customers who have installed 
   the original package on 1/3/2018 should reinstall the update.
 - Originally posted: January 3, 2018
 - Updated: January 18, 2018
 - Aggregate CVE Severity Rating: Important



Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youâve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAlphUrkACgkQEEiO2re1
8ujLKA//Y9qY54ZgRfXauAuWCHjXdWZvHr1ml1NfLBYigd8E1DOpRmtZ5Z++fEpl
g/k4DJrSLN7F1KsO5fJIsqtlOSu35jXJ9YFc/X9z/oMVXjkLclWaHH7uWjnCRpUQ
fLCrLeY3OHqL05tx5qcungLrHA3M1ZK4tOfSHDXFqVIRkIGKaN0PSZ68QhJw7djL
U/WJwgz9x4Evp63BuwM6osFl1vV3iovFjOZqZXwcLXW1Pw/aOhhB+5L/yQRqwCMK
B13HlGpAX86dttSQtyQvVAyRUdF6gWUow+uHQnc4Y54xWKknVGBwQML89TzebmwZ
UkezP4Sln/a5hU5NCwsMmk0zQBaV/KY4Hm3mmkChBLAVH5qxPWHB4kL/xf1oaQxN
ALTSiYley9umYC+app4HOLqesAxvxEPBieRf5moUQ5YHt6x6f35X7bChNBv4akN3
1+OGJ3uq/hqLD7EsmT03K4ZG45uWUTx9YTlWT7WKChS8vmC+uZENQ8tjjNrKK6Jm
IPzp2Vf9MU6UgaJ3PTBlYhzxQPRCe2NRFkpsQupUZ/PYmLrsWtE+v7vnppfv4jCr
agkd8dmGZ9qHPXydupodupc9TQGzgTUzZ5pBSPJ8zXMOB7RSJRVJFXIWgi+b3qNO
lvVRG505xcJHF3DwT/FJ/IiCWZD50cKUGVabXmQMA2XEgDxvhgA=
=6GdP
-----END PGP SIGNATURE-----

Current thread:

Microsoft Security Update Releases Microsoft (Jan 05)
- <Possible follow-ups>
- Microsoft Security Update Releases Microsoft (Jan 18)
- Microsoft Security Update Releases Microsoft (Jan 18)
- Microsoft Security Update Releases Microsoft (Jan 18)
- Microsoft Security Update Releases Microsoft (Jan 19)
- Microsoft Security Update Releases Microsoft (Jan 22)
- Microsoft Security Update Releases Microsoft (Jan 26)
- Microsoft Security Update Releases Microsoft (Jan 29)
- Microsoft Security Update Releases Microsoft (Feb 16)
- Microsoft Security Update Releases Microsoft (Mar 13)
- Microsoft Security Update Releases Microsoft (Mar 23)
- Microsoft Security Update Releases Microsoft (Mar 29)