Microsoft Security Update Releases

["Microsoft" <securitynotifications () e-mail microsoft com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Releases
Issued: July 19, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2018-8202
* CVE-2018-8260
* CVE-2018-8284
* CVE-2018-8356
  
Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for all supported editions of Windows 10. These
   packages are available via Microsoft Update catalog, WSUS, or by
   manually searching Windows Update. Customers who are experiencing
   issues after installing the July Windows security updates should
   install the replacement packages as applicable. Note that the
   Monthly Rollup and Security Only updates for .NET Framework are
   not affected. Please refer to the Affected Products table for the
   replacement package KB numbers. Customers who have successfully
   installed the security updates and who are not experiencing any
   issues do not need to take any action.
 - Originally posted: July 10, 2018
 - Updated: July 19, 2018
 - Aggregate CVE Severity Rating: Important
 - Version: 2.0

The following CVEs have undergone a major revision increment:

* CVE-2018-0949
* CVE-2018-8242
* CVE-2018-8287
* CVE-2018-8288
* CVE-2018-8291
* CVE-2018-8296

Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for Windows 10, and Standalone and Preview Rollup
   packages for all other supported editions of Windows. These packages
   are available via Microsoft Update catalog, WSUS, or by manually
   searching Windows Update. Customers who are experiencing issues
   after installing the July Windows security updates should install
   the replacement packages as applicable. Note that the IE Cumulative
   updates are not affected. Please refer to the Affected Products
   table for the replacement package KB numbers. Customers who have
   successfully installed the security updates and who are not
   experiencing any issues do not need to take any action.
 - Originally posted: July 10, 2018
 - Updated: July 19, 2018
 - Aggregate CVE Severity Rating: Important
 - Version: 2.0

The following CVEs have undergone a major revision increment:

* CVE-2018-8125 * CVE-2018-8279 * CVE-2018-8301
* CVE-2018-8206 * CVE-2018-8280 * CVE-2018-8304
* CVE-2018-8222 * CVE-2018-8282 * CVE-2018-8307
* CVE-2018-8262 * CVE-2018-8286 * CVE-2018-8308
* CVE-2018-8274 * CVE-2018-8289 * CVE-2018-8309
* CVE-2018-8275 * CVE-2018-8290 * CVE-2018-8313
* CVE-2018-8276 * CVE-2018-8294 * CVE-2018-8314
* CVE-2018-8278 * CVE-2018-8297 * CVE-2018-8324
                                * CVE-2018-8325

Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To address a known issue in the security
   updates released on July 10, Microsoft is releasing Cumulative
   Update packages for Windows 10, and Standalone and Preview Rollup
   packages for all other supported editions of Windows. These
   packages are available via Microsoft Update catalog, WSUS, or by
   manually searching Windows Update. Customers who are experiencing
   issues after installing the July Windows security updates should
   install the replacement packages as applicable. Please refer to the
   Affected Products table for the replacement package KB numbers.
   Customers who have successfully installed the security updates and
   who are not experiencing any issues do not need to take any action.
 - Originally posted: July 10, 2018
 - Updated: July 19, 2018
 - Aggregate CVE Severity Rating: Critical
 - Version: 2.0

 The following CVE has undergone a major revision increment:

* CVE-2018-8356

Revision Information:
=====================

 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: Revised the Affected Products table to
   include PowerShell Core 6.0 and PowerShell Core 6.1 because
   these products are affected by CVE-2018-9356. See 
   https://github.com/PowerShell/Announcements/issues/6 for 
   more information.
 - Originally posted: July 10, 2018
 - Updated: July 19, 2018
 - Aggregate CVE Severity Rating: Important
 - Version: 3.0

Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAltRJ4QACgkQEEiO2re1
8uhBGRAAqV/EWkEhrEVrYfOPJe0fzDxFKVu8PespooUpb+/xYFKj0RvyGPBwWkK0
7lGixsk0HDH/VGRevfEPWBUMEDyPp7yudESs7K/Almv0X5Tq9EXa8xsoLOfWmUsF
+8OjbFDlsgmJDnsOvrELRAul7bjJDvte3q0jB8QsDIhaMWDOkvKuFfB6M8KwLEJg
BeKY/Mudn4BbDxxpMBq72kDCNy6WQar9igbZMS0xu2sDSuTLzqC7qfUg9jseqwhx
5uKJWSKrgCcJ73erJnZRvb1LAglhxD1NGoFdQP36EiIkccOB6kIYv33hpDNd6jf1
S0N8nJVYiUQVqg4ITBtQch5ws6fxXfTIUh7m+oQ4pxvLBbw5QLScub0/AV6ucSaD
9Ace1QwDaOJP+D8aA/+mdmTwr9SvLspNDOm9HkNu10ktRRDyu8PMPf3XGoCAQ1n9
XGtin526zCPy68yFG4BqzN2XSQfft97pwwgcG0KYRV3kB7tbswrtJWOOFbVXvLUl
Yd9yvpMql7qfH6p+6f8hS+LG41EEDTqCVEaMT8HTSjld+W36AP2WqlWuSXG9YRBf
yhulJ6nF3lbiG1h4pZkY5vrGjvFcfbN4YhSA+FepEolJAnWOtZBg9lswNSuIse3G
lvBVHDiKdzpX3ey1qri1czIaC/r46OKW6YuAr4nzhoJKwdfpS34=
=b7n1
-----END PGP SIGNATURE-----