-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ******************************************************************** Title: Microsoft Security Bulletin Releases Issued: April 11, 2017 ******************************************************************** Summary ======= The following bulletins have undergone a major revision increment. * MS16-037 - Critical * MS17-013 - Critical * MS17-014 - Important * MS17-021 - Important * MS16-APR * MS17-MAR Bulletin Information: ===================== MS16-037 - Title: Cumulative Security Update for Internet Explorer (3148531) - https://technet.microsoft.com/library/security/ms16-037.aspx - Reason for Revision: Bulletin revised to announce the release of a new Internet Explorer cumulative update (4014661) for CVE-2016-0162. The update adds to the original release to comprehensively address CVE-2016-0162. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4014661 for more information. - Originally posted: April 12, 2016 - Updated: April 11, 2017 - Bulletin Severity Rating: Critical - Version: 2.0 MS17-013 - Title: Security Update for Microsoft Graphics Component (4013075) - https://technet.microsoft.com/library/security/ms17-013.aspx - Reason for Revision: Bulletin revised to announce the release of update 4017018 for Windows Vista and Windows Server 2008. The update replaces update 4012583 for CVE-2017-0038 only, to comprehensively address the vulnerability. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4017018 for more information. - Originally posted: March 14, 2017 - Updated: April 11, 2017 - Bulletin Severity Rating: Critical - Version: 2.0 MS17-014 - Title: Security Update for Microsoft Office (4013241) - https://technet.microsoft.com/library/security/ms17-014.aspx - Reason for Revision: To comprehensively address CVE-2017-0027 for Office for Mac 2011 only, Microsoft is releasing security update 3212218. Microsoft recommends that customers running Office for Mac 2011 install update 3212218 to be fully protected from this vulnerability. See Microsoft Knowledge Base Article 3212218 for more information. - Originally posted: March 14, 2017 - Updated: April 11, 2017 - Bulletin Severity Rating: Important - Version: 2.0 MS17-021 - Title: Security Update for Windows DirectShow (4010318) - https://technet.microsoft.com/library/security/ms17-021.aspx - Reason for Revision: Bulletin revised to announce that the security updates that apply to CVE-2017-0042 for Windows Server 2012 are now available. Customers running Windows Server 2012 should install update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be fully protected from this vulnerability. Customers running other versions of Microsoft Windows do not need to take any further action. - Originally posted: March 14, 2017 - Updated: April 11, 2017 - Bulletin Severity Rating: Important - Version: 2.0 MS16-APR - Title: Microsoft Security Bulletin Summary for April 2016 - https://technet.microsoft.com/library/security/ms16-apr.aspx - Reason for Revision: V3.0 (April 11, 2016): For MS16-037, Bulletin Summary revised to announce the release of a new Internet Explorer cumulative update (4014661) for CVE-2016-0162. The update adds to the original release to comprehensively address CVE-2016-0162. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4014661 for more information. - Originally posted: April 12, 2016 - Updated: April 11, 2016 - Bulletin Severity Rating: Not applicable - Version: 3.0 MS17-MAR - Title: Microsoft Security Bulletin Summary for March 2017 - https://technet.microsoft.com/library/security/ms17-mar.aspx - Reason for Revision: V2.0 (April 11, 2016): For MS17-013, Bulletin Summary revised to announce the release of update 4017018 for Windows Vista and Windows Server 2008. The update replaces update 4012583 for CVE-2017-0038 only, to comprehensively address the vulnerability. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4017018 for more information. For MS17-014, to comprehensively address CVE-2017-0027 for Office for Mac 2011 only, Microsoft is releasing security update 3212218. Microsoft recommends that customers running Office for Mac 2011 install update 3212218 to be fully protected from this vulnerability. See Microsoft Knowledge Base Article 3212218 for more information. For MS17-021, security updates that apply to CVE-2017-0042 for Windows Server 2012 are now available. Customers running Windows Server 2012 should install update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be fully protected from this vulnerability. Customers running other versions of Microsoft Windows do not need to take any further action. - Originally posted: March 14, 2017 - Updated: April 11, 2016 - Bulletin Severity Rating: Not applicable - Version: 2.0 Other Information ================= Recognize and avoid fraudulent email to Microsoft customers: ============================================================= If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email. The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at . ******************************************************************** THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. ******************************************************************** Microsoft respects your privacy. Please read our online Privacy Statement at . If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: . These settings will not affect any newsletters youave requested or any mandatory service communications that are considered part of certain Microsoft services. For legal Information, see: . This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052 -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com Charset: utf-8 wsFVAwUBWO0MevsCXwi14Wq8AQi46Q/9Hy60bFLuDT6SdwyJek0d/BpXX9rj8iUs coOG0lI8Vq8smmk4dHhEiCqVtrLHfhYJQzcuit9TRM/Z1BH+T2ra/04hPagfFE7R EXaQERnjRqV/W+iiyl9GhA83o7c9vWd8XKOYCm+J4gkt/2MFqi7VyKNlR7DDpu+h WWZJYOaWtcHsCyD8mmIZBHFqc6ooD2uk0/DInQKZXpavBNurQhyubnBvdrCH4wPZ zbszCPZlaAZyTr3LchsBiFTIweXeURctAxyP2xzwQXInw6gN7d431V5lCt9K3Mh3 vyBurdKd9xa4KpfraIqJ3BmySZwXCww7PXVNv++tpeLJFQ+L04GlELnOArHqjK0c gtq/psYyNyI+TjgEto1DRggK8p0DD0WVAoZOiUp05WVKbI3GIn/SdvBzBf4kMQET PAjOs9LcZvH70IlwdWu+XxbMGpO8VTWsGUKwUSeIjUV4sUXaZh42yuU2tvlAb6Ee cBzi/UGH+YUyVZ5Hn7TqEE8sbW7ycIX/yib7Khnxjgsb94uieeljN2S71irJwlzA oVaEpnlEFojFwfbcp0OkqffKoaNEOBkNtzDzEFPneVGRUSZk5VT7vRRuXtdZBkSB 9h7orQEWByi+jbasklDFOmS/Pzgbm7vLQ1dpsC5tmpKHA1eS64CLtLcJKBR9rIla Nfzpt/1hOb8= =Aee3 -----END PGP SIGNATURE-----