Microsoft February 2017 Security Update Release Updated

Security Updates / Bulletins / Advisories No Comments »

UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017.

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.

February 2017 security update release

Microsoft February 2017 Security Update Release Postponed

Security Updates / Bulletins / Advisories No Comments »

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.

February 2017 security update release

Microsoft Security Advisory Notification Issued: January 27, 2017

Security Updates / Bulletins / Advisories No Comments »
Security Advisories Released or Updated Today

* Microsoft Security Advisory 4010983
– Title: Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of
Service
– »technet.microsoft.com/li ··· 983.aspx
– Reason for Revision: V1.0 (January 27, 2017): Advisory
published.
– Originally posted: January 27, 2017
– Updated: N/A
– Version: 1.0

January 2017 Security Updates Release Notes

Security Updates / Bulletins / Advisories No Comments »

Release Date: January 10, 2017

The January security release consists of security updates for the following software:

  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Servers
  • Adobe Flash Player

Please note the following information regarding the security updates:

  • There are no security fixes or quality improvements for Windows 8.1 or Windows Server 2012 R2 for release on Update Tuesday for January 2017.  As such, there is no Security Only Quality Update or Security Monthly Quality Rollup release for these platforms this month.
  • Beginning with the October 2016 release, Microsoft is changing the update servicing model for Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. For more information, please see this Microsoft Technet article,  Further simplifying servicing models forWindows 7 and Windows 8.1.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

Note As a reminder, the Security Updates Guide will be replacing security bulletins as of February 2017. Please see our blog post, Furthering our commitment to security updates, for more details.

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/f2d46a8e-2fcd-e611-80d6-000d3a32fc99

Microsoft Security Advisory Notification Issued: January 10, 2017

Security Updates / Bulletins / Advisories No Comments »

Security Advisories Released or Updated Today

* Microsoft Security Advisory 3214296
– Title: Vulnerabilities in Identity Model Extensions Token Signing
Verification
https://technet.microsoft.com/library/security/3214296.aspx
– Reason for Revision: V1.0 (January 10, 2017): Advisory
published.
– Originally posted: January 10, 2017
– Updated: N/A
– Version: 1.0

Microsoft Security Bulletin(s) for January 10, 2017

Security Updates / Bulletins / Advisories No Comments »

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
https://technet.microsoft.com/library/security/ms17-jan

Critical (2)

Microsoft Security Bulletin MS17-002
Security Update for Microsoft Office (3214291)
https://technet.microsoft.com/library/security/ms17-002

Microsoft Security Bulletin MS17-003
Security Update for Adobe Flash Player (3214628)
https://technet.microsoft.com/library/security/ms17-003

Important (2)

Microsoft Security Bulletin MS17-001
Security Update for Microsoft Edge (3199709)
https://technet.microsoft.com/library/security/ms17-001

Microsoft Security Bulletin MS17-004
Security Update for Local Security Authority Subsystem Service (3216771)
https://technet.microsoft.com/library/security/ms17-004

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Note: Microsoft states that after the January 2017 Update Tuesday release, they will only publish update information to the https://portal.msrc.microsoft.com/en-us/

Microsoft Security Bulletin Releases Issued: December 19, 2016

Security Updates / Bulletins / Advisories Comments Off on Microsoft Security Bulletin Releases Issued: December 19, 2016

Summary

The following bulletins have undergone a major revision increment.

* MS16-155 – Important

 

Bulletin Information:

MS16-155

– Title: Security Update for .NET Framework (3205640)
https://technet.microsoft.com/library/security/ms16-155.aspx
– Reason for Revision: Revised bulletin to announce that Security
and Quality Rollup updates 3210142 and 3205402 have been
rereleased with a detection change for WSUS customers that
removes a supersedence relationship between these and previously
released October Security-Only updates 3188736 and 3188730,
respectively. These are detection changes only. There were no
changes to the update files. Customers who have already
successfully installed any of these updates do not need to take
any action. For more information, see the Microsoft Knowledge
Base article for the respective update.

In addition, revised bulletin to announce that update 3210142 is
available for Windows Server 2008 for Itanium-based Systems
Service Pack 2, and that update 3205402 is available for Windows
Server 2008 R2 for Itanium-based Systems Service Pack 1. Customers
should apply the applicable updates to be protected from the
vulnerabilities discussed in this bulletin. The majority of
customers have automatic updating enabled and will not need to
take any action because the updates will be downloaded and
installed automatically.

– Originally posted: December 13, 2016
– Updated: December 19, 2016
– Bulletin Severity Rating: Important
– Version: 2.0

Microsoft Security Bulletin(s) for December 13, 2016

Security Updates / Bulletins / Advisories Comments Off on Microsoft Security Bulletin(s) for December 13, 2016

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
https://technet.microsoft.com/library/security/ms16-dec

Critical (6)

Microsoft Security Bulletin MS16-144
Cumulative Security Update for Internet Explorer (3204059)
https://technet.microsoft.com/library/security/ms16-144

Microsoft Security Bulletin MS16-145
Cumulative Security Update for Microsoft Edge (3204062)
https://technet.microsoft.com/library/security/ms16-145

Microsoft Security Bulletin MS16-146
Security Update for Microsoft Graphics Component (3204066)
https://technet.microsoft.com/library/security/ms16-146

Microsoft Security Bulletin MS16-147
Security Update for Microsoft Uniscribe (3204063)
https://technet.microsoft.com/library/security/ms16-147

Microsoft Security Bulletin MS16-148
Security Update for Microsoft Office (3204068)
https://technet.microsoft.com/library/security/ms16-148

Microsoft Security Bulletin MS16-154
Security Update for Microsoft Office (3204068)
https://technet.microsoft.com/library/security/ms16-154

Important (6)

Microsoft Security Bulletin MS16-149
Security Update for Microsoft Windows (3205655)
https://technet.microsoft.com/library/security/ms16-149

Microsoft Security Bulletin MS16-150
Security Update for Secure Kernel Mode (3205642)
https://technet.microsoft.com/library/security/ms16-150

Microsoft Security Bulletin MS16-151
Security Update for Windows Kernel-Mode Drivers (3205651)
https://technet.microsoft.com/library/security/ms16-151

Microsoft Security Bulletin MS16-152
Security Update for Windows Kernel (3199709)
https://technet.microsoft.com/library/security/ms16-152

Microsoft Security Bulletin MS16-153
Security Update for Common Log File System Driver (3207328)
https://technet.microsoft.com/library/security/ms16-153

Microsoft Security Bulletin MS16-155
Security Update for .NET Framework (3205640)
https://technet.microsoft.com/library/security/ms16-155

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Microsoft Security Bulletin Minor Revisions Issued: November 23, 2016

Security Updates / Bulletins / Advisories Comments Off on Microsoft Security Bulletin Minor Revisions Issued: November 23, 2016

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-130
* MS16-140

Bulletin Information:

MS16-130

– Title: Security Update for Microsoft Windows (3199172)
https://technet.microsoft.com/library/security/ms16-130.aspx
– Reason for Revision: Updated the vulnerability description for
CVE-2016-7222. This is an informational change only.
– Originally posted: November 8, 2016
– Updated: November 23, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1

MS16-140

– Title: Security Update for Boot Manager (3193479)
https://technet.microsoft.com/library/security/ms16-140.aspx
– Reason for Revision: Revised bulletin to announce a detection
change for certain servers running Windows Servers 2012,
Windows Server 2012 R2, and Windows Server 2016. Affected
servers will not automatically receive the security update.
For more information about the servers affected by this detection
change, see Knowledge Base Article 3193479.
– Originally posted: November 8, 2016
– Updated: November 23, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

Microsoft Security Bulletin Minor Revisions Issued: November 8, 2016

Security Updates / Bulletins / Advisories Comments Off on Microsoft Security Bulletin Minor Revisions Issued: November 8, 2016
Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-035
* MS16-091
* MS16-101

Bulletin Information:

MS16-035

– Title: Security Update for .NET Framework to Address
Security Feature Bypass (3141780)
– »technet.microsoft.com/li ··· 035.aspx
– Reason for Revision: Revised bulletin to
announce that a detection change was made to account for
.NET Framework 4.6.1 hotfix rollup customers who were not being
properly offered security updates applicable to
.NET Framework 4.6.1.
– Originally posted: March 8, 2016
– Updated: November 8, 2016
– Bulletin Severity Rating: Important
– Version: 2.6

MS16-091

– Title: Security Update for .NET Framework (3170048)
– »technet.microsoft.com/li ··· 091.aspx
– Reason for Revision: Revised bulletin to announce that a
detection change was made to account for .NET Framework 4.6.1
hotfix rollup customers who were not being properly offered
security updates applicable to the .NET Framework 4.6.1
– Originally posted: July 12, 2016
– Updated: November 8, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

MS16-120

– Title: Security Update for Microsoft Graphics
Component (3192884)
– »technet.microsoft.com/li ··· 120.aspx
– Reason for Revision: Revise bulletin to announce a detection
change to address an issue in supersedence, specifically in
WSUS environments where various updates applicable to
Windows 7 SP1 and Windows Server 2008 R2 SP1 were incorrectly
marked as being superseded. This is a detection change only.
There were no changes to the update files. Customers who
have already successfully installed the update do not need
to take any action.
– Originally posted: October 11, 2016
– Updated: November 8, 2016
– Bulletin Severity Rating: Critical
– Version: 1.1


© 2017 DP's Bits & Bytes.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in