Hash: SHA256
********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: April 11, 2017
********************************************************************
Summary
=======
The following bulletins have undergone a major revision increment.
* MS16-037 - Critical
* MS17-013 - Critical
* MS17-014 - Important
* MS17-021 - Important
* MS16-APR
* MS17-MAR
Bulletin Information:
=====================
MS16-037
- Title: Cumulative Security Update for Internet Explorer (3148531)
- https://technet.microsoft.com/library/security/ms16-037.aspx
- Reason for Revision: Bulletin revised to announce the release
of a new Internet Explorer cumulative update (4014661) for
CVE-2016-0162. The update adds to the original release to
comprehensively address CVE-2016-0162. Microsoft recommends that
customers running the affected software install the security
update to be fully protected from the vulnerability described
in this bulletin. See Microsoft Knowledge Base Article 4014661
for more information.
- Originally posted: April 12, 2016
- Updated: April 11, 2017
- Bulletin Severity Rating: Critical
- Version: 2.0
MS17-013
- Title: Security Update for Microsoft Graphics Component (4013075)
- https://technet.microsoft.com/library/security/ms17-013.aspx
- Reason for Revision: Bulletin revised to announce the release of
update 4017018 for Windows Vista and Windows Server 2008. The
update replaces update 4012583 for CVE-2017-0038 only, to
comprehensively address the vulnerability. Microsoft recommends
that customers running the affected software install the security
update to be fully protected from the vulnerability described in
this bulletin. See Microsoft Knowledge Base Article 4017018 for
more information.
- Originally posted: March 14, 2017
- Updated: April 11, 2017
- Bulletin Severity Rating: Critical
- Version: 2.0
MS17-014
- Title: Security Update for Microsoft Office (4013241)
- https://technet.microsoft.com/library/security/ms17-014.aspx
- Reason for Revision: To comprehensively address CVE-2017-0027 for
Office for Mac 2011 only, Microsoft is releasing security update
- Microsoft recommends that customers running Office for
vulnerability. See Microsoft Knowledge Base Article 3212218 for
more information.
- Originally posted: March 14, 2017
- Updated: April 11, 2017
- Bulletin Severity Rating: Important
- Version: 2.0
MS17-021
- Title: Security Update for Windows DirectShow (4010318)
- https://technet.microsoft.com/library/security/ms17-021.aspx
- Reason for Revision: Bulletin revised to announce that the security
updates that apply to CVE-2017-0042 for Windows Server 2012 are now
available. Customers running Windows Server 2012 should install
update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be
fully protected from this vulnerability. Customers running other
versions of Microsoft Windows do not need to take any further
action.
- Originally posted: March 14, 2017
- Updated: April 11, 2017
- Bulletin Severity Rating: Important
- Version: 2.0
MS16-APR
- Title: Microsoft Security Bulletin Summary for April 2016
- https://technet.microsoft.com/library/security/ms16-apr.aspx
- Reason for Revision: V3.0 (April 11, 2016): For MS16-037,
Bulletin Summary revised to announce the release of a new
Internet Explorer cumulative update (4014661) for CVE-2016-0162.
The update adds to the original release to comprehensively address
CVE-2016-0162. Microsoft recommends that customers running the
affected software install the security update to be fully protected
from the vulnerability described in this bulletin. See Microsoft
Knowledge Base Article 4014661 for more information.
- Originally posted: April 12, 2016
- Updated: April 11, 2016
- Bulletin Severity Rating: Not applicable
- Version: 3.0
MS17-MAR
- Title: Microsoft Security Bulletin Summary for March 2017
- https://technet.microsoft.com/library/security/ms17-mar.aspx
- Reason for Revision: V2.0 (April 11, 2016): For MS17-013,
Bulletin Summary revised to announce the release of update 4017018
for Windows Vista and Windows Server 2008. The update replaces
update 4012583 for CVE-2017-0038 only, to comprehensively address
the vulnerability. Microsoft recommends that customers running the
affected software install the security update to be fully protected
from the vulnerability described in this bulletin. See Microsoft
Knowledge Base Article 4017018 for more information.
For MS17-014, to comprehensively address CVE-2017-0027 for Office for
Mac 2011 only, Microsoft is releasing security update 3212218.
Microsoft recommends that customers running Office for Mac 2011
install update 3212218 to be fully protected from this vulnerability.
See Microsoft Knowledge Base Article 3212218 for more information.
For MS17-021, security updates that apply to CVE-2017-0042 for
Windows Server 2012 are now available. Customers running Windows Server
2012
should install update 4015548 (Security Only) or 4015551 (Monthly
Rollup)
to be fully protected from this vulnerability. Customers running other
versions of Microsoft Windows do not need to take any further action.
- Originally posted: March 14, 2017
- Updated: April 11, 2016
- Bulletin Severity Rating: Not applicable
- Version: 2.0
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.