Tuesday, March 14, 2017

Microsoft Security Updates for March, 2017


After the last minute issue that resulted in the postponement of the February updates, security updates have been released for March.

Although this was to be the start of replacing security bulletins with the new Security Updates Guide, security bulletins were also published this month to provide extra time to prepare for the transition. The new guide includes the ability to view and search security vulnerability information in a single online database. The guide is described as a "portal" by the MSRC Team in Furthering our commitment to security updates.

March Security Update Details:

Microsoft released seventeen (17) bulletins.  Nine (9) bulletins are identified as Critical and eight (8) rated Important in severity

The updates address vulnerabilities in Microsoft Windows, Microsoft Edge, Internet Explorer, Microsoft Office, Skype for Business, Microsoft Lync, Microsoft Silverlight, Microsoft Server Software, Microsoft Communications Platforms and Software, Microsoft Exchange and Adobe Flash Player for Windows 8.1 and above. 

Addressed in the updates are Remote Code Execution, Information Disclosure and Elevation of Privilege.

Information about the update for Windows 10 is available at Windows 10 update history.
 
Critical:
  • MS17-006 -- Cumulative Security Update for Internet Explorer (4013073)
  • MS17-007 -- Cumulative Security Update for Microsoft Edge (4013071)
  • MS17-008 -- Security Update for Windows Hyper-V (4013082)
  • MS17-009 -- Security Update for Microsoft Windows PDF Library (4010319)
  • MS17-010 -- Security Update for Microsoft Windows SMB Server (4013389)
  • MS17-011 -- Security Update for Microsoft Uniscribe (4013076) 
  • MS17-012 -- Security Update for Microsoft Windows (4013078)
  • MS17-013 -- Security Update for Microsoft Graphics Component (4013075)
  • MS17-023 -- Security Update for Adobe Flash Player (4014329) 
Important:
  • MS17-014 -- Security Update for Microsoft Office (4013241)
  • MS17-015 -- Security Update for Microsoft Exchange Server (4013242) 
  • MS17-017 -- Security Update for Windows Kernel (4013081)
  • MS17-018 -- Security Update for Windows Kernel-Mode Drivers (4013083)
  • MS17-019 -- Security Update for Active Directory Federation Services (4010320)
  • MS17-020 -- Security Update for Windows DVD Maker (3208223)
  • MS17-021 -- Security Update for Windows DirectShow (4010318)
  • MS17-022 -- Security Update for Microsoft XML Core Services (4010321)      

    Additional Update Notes

    • Adobe Flash Player -- For Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1 and Windows 10, Adobe Flash Player is now a security bulletin rather than a security advisory and is included with the updates as identified above.
    • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. 
    • Windows 10 -- A summary of important product developments included in each update, with links to more details is available at Windows 10 Update History. The page will be regularly refreshed, as new updates are released.

    References


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...





      No comments: