The following CVEs have been added to June 2017 security release.

["Microsoft" <securitynotifications () e-mail microsoft com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: June 21, 2017
********************************************************************

Summary
=======

 The following CVEs have been added to June 2017 security release. 

* CVE-2017-8575   
* CVE-2017-8576
* CVE-2017-8579

Revision Information:
=====================

 - CVE-2017-8575 | Microsoft Graphics Component Information 
   Disclosure Vulnerability

 - CVE-2017-8576 | Microsoft Graphics Component Elevation of 
   Privilege Vulnerability

 - CVE-2017-8579 | DirectX Elevation of Privilege Vulnerability

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Version: 1.0
 - Reason for Revision: Information published.
 - Originally posted: June 19, 2017  
 - Aggregate CVE Severity Rating: Important


Summary
=======

The following CVEs have been revised in the June 2017 Security Updates. 

* CVE-2017-0228
* CVE-2017-0292
* CVE-2017-8509

Revision Information:
=====================

CVE-2017-0228

 - Title: CVE-2017-0228 | Scripting Engine Memory Corruption
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Revised Affected Products table to include
   Microsoft Edge on Windows 10,  Windows 10 Version 1511, Windows 10
   Version 1607, and Windows 10 Version 1703 because these products
   are affected by this CVE. This is an informational change only.
 - Originally posted: June 21, 2017  
 - CVE Severity Rating: Critical
 - Version: 1.1

CVE-2017-0292

 - Title: CVE-2017-0292 | Windows PDF Remote Code Execution 
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Corrected the updates replaced for 
   Microsoft Word 2013 Service Pack 1 and Microsoft Word 2016. This 
   is an informational change only. Customers who have already 
   successfully installed the updates do not need to take any action.
 - Originally posted: June 21, 2017  
 - CVE Severity Rating: Critical
 - Version: 1.1

CVE-2017-8509

 - Title: CVE-2017-8509 | Microsoft Office Remote Code Execution 
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: In the Affected Products table corrected the 
   updates replaced for Microsoft Word 2013 Service Pack 1 and Microsoft 
   Word 2016. In addition, corrected the affected software for security 
   update 3191908 from OneNote 2010 to Office 2010. These are 
   informational changes only. Customers who have already successfully 
   installed the updates do not need to take any action.
 - Originally posted: June 21, 2017  
 - CVE Severity Rating: Critical
 - Version: 1.1


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBWUrVFfsCXwi14Wq8AQg4Hw/8Da2ha5jyPqNyba+2MLrkOxdVA727rw2u
yLJGndqAAW6gkA1cTzo5MuZnQOKWanzndZfvVgOUM9Lm2guSq2nC8S1KZCATkTux
oilXXUwpU7Lh5X4KhiyRgZBnEjpoBqzC+Tvq7aswPo+uTPNWCK6IR5tEIbkfTI9C
4RRtMSFkKQfHb4TPBMl0QpbX1E/fr0vaPhF4DJaq0drfd8uRnGeC0zZFBEFTGQ5e
fsqhBz0RdctLrZHhSFb6kOT7+GwItXQ/jlSPxMWzNQ12if2E5GZ+uAYhJrnXPF9f
coUe8wvMmnouhIGK8wiirv8cbkONulFHb0Z3zpB1GJgbUljKWJVL6So6oNb+wH7Q
JuEYKtDAIaBnWqAwI2SkcIZ8OEQmXOqxwo1lCGpxxur6IrMKOVHY3R/Cptm4UHqd
dJbN8kpAkq7tGt7EfDoqS94I8Na9mYowapl+RNtepCBEUtNI24pGorzrtUwxpIL8
/wmU8+fOkzBso0Dc7dIAPmaCcR7lyAQK56oMsNhkR0jAmBx1Jlj3kw1bLb+YaBbc
kSToexchSqDC66UloIAaNVVgd24h0rXfsm38UULL9u2qY2gaupV6SlFiuJ8HE698
MCwDR48lYHQ95OWC2VE65GmMeEf6ukLwBWYU363MJj9ugtXCCyEKwTMrsIomHFms
jt7WAAsUA9c=
=wDjy
-----END PGP SIGNATURE-----