MS Sec Notification mailing list archives

Previous By Date Next
Previous By Thread Next

Microsoft Security Update Releases

From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Wed, 15 Aug 2018 17:24:44 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Releases
Issued: August 15, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2018-8202
* CVE-2018-8284

Revision Information:
=====================

 - CVE-2018-8202 | .NET Framework Elevation of Privilege
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Microsoft is releasing the August Monthly
   Rollup, Security Only, and Security Updates to fully resolve known
   issues some customers experienced after installing the July security
   updates for .NET Framework. Customers who installed either the
   Standalone updates or Alternate Cumulative update should also install
   the August updates. See the Affected Products table for links
   to download and install the August updates.
 - Originally posted: July 10, 2018
 - Updated: August 15, 2018
 - Aggregate CVE Severity Rating: Important
 - Version: 5.0

 - CVE-2018-8284 | .NET Framework Remote Code Injection
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Updated the Affected Products to include
   affected versions of Microsoft SharePoint Server, Microsoft
   SharePoint Foundation, Microsoft SharePoint Enterprise Server,
   and Microsoft Project Server. Customers running any of the
   SharePoint products listed in the Affected Products table and
   who are also running any affected versions of .NET Framework
   need to install the security updates for the versions of .NET
   running on their system to be fully protected from this
   vulnerability.
 - Originally posted: July 10, 2018
 - Updated: August 14, 2018
 - Aggregate CVE Severity Rating: Important
 - Version: 3.0

Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAlt0eykACgkQEEiO2re1
8uhwRw/9E5EOeP3CzOYqmIYujQCAnvdPXKE3htckb1qDvoDQFdO00m2NEwsUI6Ui
HZu1LMcSnqosY96yUimXOLRpAWO3ke5Z1Wd96Ju3o+u7OAOX+UHU4rFrl0NnS4Ua
zD8ql4Mg/RpPllr6xqGcKCLESJkIM3etO+K8GxJNLMQQg5iBRhVSRnAlY5cnvKJp
Ei7+LfRw//e2E/VY7VQn5L9Kg9E1xlL3ZElmBNQQIFwHMnPZxo14/lwDUKxz2NFQ
LaES0qKM5TYFcrur1fm3Ex/ggyQJVpLLaQcCFrVPcpBWDe/t58Ug4elScDlpEUdG
ELJSDlCsBgOq8O0NUNyCqW2raE6KB9hSwOAsEF7QN/rUR37/M62KVyzmH3uRmoFt
yrOAUkEhOH3scdurLgSZf3EfHU1gsYct5q4EktjS9RrNnpYDysgXyOUo902qoCzJ
J6p8GLvO0eGK2TV+2xKyQ3dSTC93KfQYscTTcs8DbkG7hRVlwsjicL8T/HfoZzy7
DvJYzg3bMbLM+Jt/o36KcPxwMCxbxeArtSLRB8uyraiXIOyLC3Y5cA+XLV1aeAce
87VEnMGb34eIonh4jjnw/91dteeeMmwruQZVyZz66MbpBLSD2377fuGf328wvC9K
WoIdNYoAu8xeF2jeuvnz8ZHCiSHKovNnWrx4AJkPFCU4Thrih+A=
=gZ8Z
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: