-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Update Releases
Issued: August 8, 2017
********************************************************************

Summary
=======

The following CVEs and security bulletins have undergone a major 
revision increment.

* CVE-2017-0071
* CVE-2017-0228
* CVE-2017-0299
* MS17-007
* MS17-MAR


CVE Revision Information:
=====================

CVE-2017-0071

 - Title: CVE-2017-0071 | Scripting Engine Memory Corruption 
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To comprehensively address CVE-2017-0071, 
   Microsoft released the July security updates for all versions of 
   Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 
   for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, 
   and Windows 10 Version 1703 for x64-based Systems have been added
   to the Affected Products table as they are also affected by this 
   vulnerability. Microsoft recommends that customers who have not 
   already done so install the July 2017 security updates to be 
   fully protected from this vulnerability.
 - Originally posted: March 14, 2017  
 - Updated: August 8, 2017 
 - CVE Severity Rating: Critical
 - Version: 2.0

CVE-2017-0228

 - Title: CVE-2017-0228| Scripting Engine Memory Corruption 
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To comprehensively address CVE-2017-0228, 
   Microsoft has released August security updates for Internet 
   Explorer 11 on affected editions of Windows 8.1, Windows Server
   2012 R2, Windows 8.1 RT, Windows 10, Windows 10 Version 1511, 
   Windows 10 Version 1607, and Windows 10 Version 1703; and for 
   Microsoft Edge on affected editions of Windows 10, Windows 10 
   Version 1511, Windows 10 Version 1607, and Windows 10 Version 1703.
   Microsoft strongly recommends that customers install the updates 
   to be fully protected from the vulnerability. Customers whose 
   systems are configured to receive automatic updates do not need 
   to take any further action.
 - Originally posted: May 9, 2017
 - Updated: August 8, 2017
 - CVE Severity Rating: Critical
 - Version: 2.0

CVE-2017-0299

 - Title: CVE-2017-0299 | Windows Kernel Information Disclosure 
   Vulnerability
 - https://portal.msrc.microsoft.com/en-us/security-guidance
 - Reason for Revision: To comprehensively address CVE-2017-0299, 
   Microsoft has released August security updates for all affected
   editions of Microsoft Windows. Microsoft strongly recommends that 
   customers install the updates to be fully protected from the 
   vulnerability. Customers whose systems are configured to receive 
   automatic updates do not need to take any further action.
 - Originally posted: June 13, 2017
 - Updated: August 8, 2017
 - CVE Severity Rating: Important
 - Version: 5.0


Security Bulletin Revision Information:
=====================

MS17-007

 - Title: Cumulative Security Update for Microsoft Edge (4013071)
 - https://technet.microsoft.com/library/security/ms17-007.aspx
 - Reason for Revision: To comprehensively address CVE-2017-0071,
   Microsoft released the July security updates for all versions of
   Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 
   for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, 
   and Windows 10 Version 1703 for x64-based Systems have been added 
   to the Affected Products table as they are also affected by this 
   vulnerability. Microsoft recommends that customers who have not 
   already done so install the July 2017 security updates to be fully 
   protected from this vulnerability.
 - Originally posted: March 14, 2017
 - Updated: August 8, 2017
 - Bulletin Severity Rating: Critical
 - Version: 2.0

MS17-MAR

 - Title: Microsoft Security Bulletin Summary for March 2017 
 - https://technet.microsoft.com/library/security/ms17-MAR.aspx
 - Reason for Revision: For MS17-007, to comprehensively address 
   CVE-2017-0071, Microsoft released the July security updates for 
   all versions of Windows 10. Note that Windows 10 for 32-bit Systems, 
   Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit 
   Systems, and Windows 10 Version 1703 for x64-based Systems have been 
   added to the Affected Products table as they are also affected by 
   this vulnerability. Microsoft recommends that customers who have not 
   already done so install the July 2017 security updates to be fully 
   protected from this vulnerability.
 - Originally posted: March 14, 2017
 - Updated: August 8, 2017
 - Bulletin Severity Rating: N/A
 - Version: 4.0


Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youave requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com
Charset: utf-8

wsFVAwUBWYj9U/sCXwi14Wq8AQjIKxAAq0sOZnmXpZa7D1YtYMFI7IJhQze7yoj2
fPj0wyXoHXf6dmwu7gpGfXcQrjYoMsNLbill1UsgT86KnafMEWVW24mmxPlp2AGh
1qccCxvbEFOa7XVkHP2wP+Jsub9u2VfA4Vp9eYeT8PTS1Mh+qi2lJkA6HEyfZPSV
7I8QArDfsvHeGozxK/qhz/DLraycX/r+lfMX9Y96t3G3kHcashzmR2duo1xVYbxZ
tjJj/gsHQMV0CQY3LOKbo6Zn8uZXjfPiNHBbtwvd0yzK0MibQ1smc9E2iYwKieR0
IWBbsIIjXKXTyUC6vhlYchIkLSVAGtCu2/+9e57A5jaYc9qqQfy4vzMm64n5q+oZ
QPYWkJ+Qemy17JErNwImdceVJ5hdmq0BoDt35ZNAmhSq/URyUekPol///Kia2UmK
g/bxrogFrQ2Gfw3GluBcqU/nnuvT/v7UXyBIa/poXdw/nW9jwdahsoH1bvVJDn0E
Kgborq9lGo5/trYhN7rAplUdeImhfi9HZ7NCf0v6YbELRQ+bZCPe6g8NxUM7rAFM
FsYZMVLEVkmF/swiwi4JaKRCq9KzkAVyIhFpPOGOae3fukd3BSCtePJBqmOqBvaE
ChhM3J2LAFBaVhZNgWFkHw6OU3Xnm9lglXp/yb/ja710Bdnbe2w8TlWfRGTE7iKf
edIib2UtBNE=
=aIlf
-----END PGP SIGNATURE-----