Microsoft Security Update Minor Revisions Issued: June 21, 2017

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: June 21, 2017
********************************************************************
 
Summary
=======
 
 The following CVEs have been added to June 2017 security release.
 
* CVE-2017-8575  
* CVE-2017-8576
* CVE-2017-8579
 
Revision Information:
=====================
 
 - CVE-2017-8575 | Microsoft Graphics Component Information
   Disclosure Vulnerability
 
 - CVE-2017-8576 | Microsoft Graphics Component Elevation of
   Privilege Vulnerability
 
 - CVE-2017-8579 | DirectX Elevation of Privilege Vulnerability
 
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 1.0
 - Reason for Revision: Information published.
 - Originally posted: June 19, 2017
 - Aggregate CVE Severity Rating: Important
 
 
Summary
=======
 
The following CVEs have been revised in the June 2017 Security Updates.
 
* CVE-2017-0228
* CVE-2017-0292
* CVE-2017-8509
 
Revision Information:
=====================
 
CVE-2017-0228
 
 - Title: CVE-2017-0228 | Scripting Engine Memory Corruption
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Revised Affected Products table to include
   Microsoft Edge on Windows 10,  Windows 10 Version 1511, Windows 10
   Version 1607, and Windows 10 Version 1703 because these products
   are affected by this CVE. This is an informational change only.
 - Originally posted: June 21, 2017
 - CVE Severity Rating: Critical
 - Version: 1.1
 
CVE-2017-0292
 
 - Title: CVE-2017-0292 | Windows PDF Remote Code Execution
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Corrected the updates replaced for
   Microsoft Word 2013 Service Pack 1 and Microsoft Word 2016. This
   is an informational change only. Customers who have already
   successfully installed the updates do not need to take any action.
 - Originally posted: June 21, 2017
 - CVE Severity Rating: Critical
 - Version: 1.1
 
CVE-2017-8509
 
 - Title: CVE-2017-8509 | Microsoft Office Remote Code Execution
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: In the Affected Products table corrected the
   updates replaced for Microsoft Word 2013 Service Pack 1 and Microsoft
   Word 2016. In addition, corrected the affected software for security
   update 3191908 from OneNote 2010 to Office 2010. These are
   informational changes only. Customers who have already successfully
   installed the updates do not need to take any action.
 - Originally posted: June 21, 2017
 - CVE Severity Rating: Critical
 - Version: 1.1
 
 
Other Information
=================
 
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.