-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

***************************& -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Releases
Issued: August 8, 2017
********************************************************************

Summary
=======

The following CVEs and security bulletins have undergone a major
revision increment.

* CVE-2017-0071
* CVE-2017-0228
* CVE-2017-0299
* MS17-007
* MS17-MAR


CVE Revision Information:
=====================

CVE-2017-0071

- Title: CVE-2017-0071 | Scripting Engine Memory Corruption
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: To comprehensively address CVE-2017-0071,
Microsoft released the July security updates for all versions of
Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10
for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems,
and Windows 10 Version 1703 for x64-based Systems have been added
to the Affected Products table as they are also affected by this
vulnerability. Microsoft recommends that customers who have not
already done so install the July 2017 security updates to be
fully protected from this vulnerability.
- Originally posted: March 14, 2017
- Updated: August 8, 2017
- CVE Severity Rating: Critical
- Version: 2.0

CVE-2017-0228

- Title: CVE-2017-0228| Scripting Engine Memory Corruption
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: To comprehensively address CVE-2017-0228,
Microsoft has released August security updates for Internet
Explorer 11 on affected editions of Windows 8.1, Windows Server
2012 R2, Windows 8.1 RT, Windows 10, Windows 10 Version 1511,
Windows 10 Version 1607, and Windows 10 Version 1703; and for
Microsoft Edge on affected editions of Windows 10, Windows 10
Version 1511, Windows 10 Version 1607, and Windows 10 Version 1703.
Microsoft strongly recommends that customers install the updates
to be fully protected from the vulnerability. Customers whose
systems are configured to receive automatic updates do not need
to take any further action.
- Originally posted: May 9, 2017
- Updated: August 8, 2017
- CVE Severity Rating: Critical
- Version: 2.0

CVE-2017-0299

- Title: CVE-2017-0299 | Windows Kernel Information Disclosure
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: To comprehensively address CVE-2017-0299,
Microsoft has released August security updates for all affected
editions of Microsoft Windows. Microsoft strongly recommends that
customers install the updates to be fully protected from the
vulnerability. Customers whose systems are configured to receive
automatic updates do not need to take any further action.
- Originally posted: June 13, 2017
- Updated: August 8, 2017
- CVE Severity Rating: Important
- Version: 5.0


Security Bulletin Revision Information:
=====================

MS17-007

- Title: Cumulative Security Update for Microsoft Edge (4013071)
- https://technet.microsoft.com/library/security/ms17-007.aspx
- Reason for Revision: To comprehensively address CVE-2017-0071,
Microsoft released the July security updates for all versions of
Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10
for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems,
and Windows 10 Version 1703 for x64-based Systems have been added
to the Affected Products table as they are also affected by this
vulnerability. Microsoft recommends that customers who have not
already done so install the July 2017 security updates to be fully
protected from this vulnerability.
- Originally posted: March 14, 2017
- Updated: August 8, 2017
- Bulletin Severity Rating: Critical
- Version: 2.0

MS17-MAR

- Title: Microsoft Security Bulletin Summary for March 2017
- https://technet.microsoft.com/library/security/ms17-MAR.aspx
- Reason for Revision: For MS17-007, to comprehensively address
CVE-2017-0071, Microsoft released the July security updates for
all versions of Windows 10. Note that Windows 10 for 32-bit Systems,
Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit
Systems, and Windows 10 Version 1703 for x64-based Systems have been
added to the Affected Products table as they are also affected by
this vulnerability. Microsoft recommends that customers who have not
already done so install the July 2017 security updates to be fully
protected from this vulnerability.
- Originally posted: March 14, 2017
- Updated: August 8, 2017
- Bulletin Severity Rating: N/A
- Version: 4.0


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youave requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com
Charset: utf-8

wsFVAwUBWYj9U/sCXwi14Wq8AQjIKxAAq0sOZnmXpZa7D1YtYMFI7IJhQze7yoj2
fPj0wyXoHXf6dmwu7gpGfXcQrjYoMsNLbill1UsgT86KnafMEWVW24mmxPlp2AGh
1qccCxvbEFOa7XVkHP2wP+Jsub9u2VfA4Vp9eYeT8PTS1Mh+qi2lJkA6HEyfZPSV
7I8QArDfsvHeGozxK/qhz/DLraycX/r+lfMX9Y96t3G3kHcashzmR2duo1xVYbxZ
tjJj/gsHQMV0CQY3LOKbo6Zn8uZXjfPiNHBbtwvd0yzK0MibQ1smc9E2iYwKieR0
IWBbsIIjXKXTyUC6vhlYchIkLSVAGtCu2/+9e57A5jaYc9qqQfy4vzMm64n5q+oZ
QPYWkJ+Qemy17JErNwImdceVJ5hdmq0BoDt35ZNAmhSq/URyUekPol///Kia2UmK
g/bxrogFrQ2Gfw3GluBcqU/nnuvT/v7UXyBIa/poXdw/nW9jwdahsoH1bvVJDn0E
Kgborq9lGo5/trYhN7rAplUdeImhfi9HZ7NCf0v6YbELRQ+bZCPe6g8NxUM7rAFM
FsYZMVLEVkmF/swiwi4JaKRCq9KzkAVyIhFpPOGOae3fukd3BSCtePJBqmOqBvaE
ChhM3J2LAFBaVhZNgWFkHw6OU3Xnm9lglXp/yb/ja710Bdnbe2w8TlWfRGTE7iKf
edIib2UtBNE=
=aIlf
-----END PGP SIGNATURE-----