-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ******************************************************************** Title: Microsoft Security Update Releases Issued: July 19, 2018 ******************************************************************** Summary ======= The following CVEs have undergone a major revision increment: * CVE-2018-8202 * CVE-2018-8260 * CVE-2018-8284 * CVE-2018-8356 Revision Information: ===================== - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: To address a known issue in the security updates released on July 10, Microsoft is releasing Cumulative Update packages for all supported editions of Windows 10. These packages are available via Microsoft Update catalog, WSUS, or by manually searching Windows Update. Customers who are experiencing issues after installing the July Windows security updates should install the replacement packages as applicable. Note that the Monthly Rollup and Security Only updates for .NET Framework are not affected. Please refer to the Affected Products table for the replacement package KB numbers. Customers who have successfully installed the security updates and who are not experiencing any issues do not need to take any action. - Originally posted: July 10, 2018 - Updated: July 19, 2018 - Aggregate CVE Severity Rating: Important - Version: 2.0 The following CVEs have undergone a major revision increment: * CVE-2018-0949 * CVE-2018-8242 * CVE-2018-8287 * CVE-2018-8288 * CVE-2018-8291 * CVE-2018-8296 Revision Information: ===================== - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: To address a known issue in the security updates released on July 10, Microsoft is releasing Cumulative Update packages for Windows 10, and Standalone and Preview Rollup packages for all other supported editions of Windows. These packages are available via Microsoft Update catalog, WSUS, or by manually searching Windows Update. Customers who are experiencing issues after installing the July Windows security updates should install the replacement packages as applicable. Note that the IE Cumulative updates are not affected. Please refer to the Affected Products table for the replacement package KB numbers. Customers who have successfully installed the security updates and who are not experiencing any issues do not need to take any action. - Originally posted: July 10, 2018 - Updated: July 19, 2018 - Aggregate CVE Severity Rating: Important - Version: 2.0 The following CVEs have undergone a major revision increment: * CVE-2018-8125 * CVE-2018-8279 * CVE-2018-8301 * CVE-2018-8206 * CVE-2018-8280 * CVE-2018-8304 * CVE-2018-8222 * CVE-2018-8282 * CVE-2018-8307 * CVE-2018-8262 * CVE-2018-8286 * CVE-2018-8308 * CVE-2018-8274 * CVE-2018-8289 * CVE-2018-8309 * CVE-2018-8275 * CVE-2018-8290 * CVE-2018-8313 * CVE-2018-8276 * CVE-2018-8294 * CVE-2018-8314 * CVE-2018-8278 * CVE-2018-8297 * CVE-2018-8324 * CVE-2018-8325 Revision Information: ===================== - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: To address a known issue in the security updates released on July 10, Microsoft is releasing Cumulative Update packages for Windows 10, and Standalone and Preview Rollup packages for all other supported editions of Windows. These packages are available via Microsoft Update catalog, WSUS, or by manually searching Windows Update. Customers who are experiencing issues after installing the July Windows security updates should install the replacement packages as applicable. Please refer to the Affected Products table for the replacement package KB numbers. Customers who have successfully installed the security updates and who are not experiencing any issues do not need to take any action. - Originally posted: July 10, 2018 - Updated: July 19, 2018 - Aggregate CVE Severity Rating: Critical - Version: 2.0 The following CVE has undergone a major revision increment: * CVE-2018-8356 Revision Information: ===================== - https://portal.msrc.microsoft.com/en-us/security-guidance - Reason for Revision: Revised the Affected Products table to include PowerShell Core 6.0 and PowerShell Core 6.1 because these products are affected by CVE-2018-9356. See https://github.com/PowerShell/Announcements/issues/6 for more information. - Originally posted: July 10, 2018 - Updated: July 19, 2018 - Aggregate CVE Severity Rating: Important - Version: 3.0 Other Information ================= Recognize and avoid fraudulent email to Microsoft customers: ============================================================= If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email. The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at . ******************************************************************** THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. ******************************************************************** Microsoft respects your privacy. Please read our online Privacy Statement at . If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: . These settings will not affect any newsletters youave requested or any mandatory service communications that are considered part of certain Microsoft services. For legal Information, see: . This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052 -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEELe29pj1Ogz+2MnKbEEiO2re18ugFAltRJ4QACgkQEEiO2re1 8uhBGRAAqV/EWkEhrEVrYfOPJe0fzDxFKVu8PespooUpb+/xYFKj0RvyGPBwWkK0 7lGixsk0HDH/VGRevfEPWBUMEDyPp7yudESs7K/Almv0X5Tq9EXa8xsoLOfWmUsF +8OjbFDlsgmJDnsOvrELRAul7bjJDvte3q0jB8QsDIhaMWDOkvKuFfB6M8KwLEJg BeKY/Mudn4BbDxxpMBq72kDCNy6WQar9igbZMS0xu2sDSuTLzqC7qfUg9jseqwhx 5uKJWSKrgCcJ73erJnZRvb1LAglhxD1NGoFdQP36EiIkccOB6kIYv33hpDNd6jf1 S0N8nJVYiUQVqg4ITBtQch5ws6fxXfTIUh7m+oQ4pxvLBbw5QLScub0/AV6ucSaD 9Ace1QwDaOJP+D8aA/+mdmTwr9SvLspNDOm9HkNu10ktRRDyu8PMPf3XGoCAQ1n9 XGtin526zCPy68yFG4BqzN2XSQfft97pwwgcG0KYRV3kB7tbswrtJWOOFbVXvLUl Yd9yvpMql7qfH6p+6f8hS+LG41EEDTqCVEaMT8HTSjld+W36AP2WqlWuSXG9YRBf yhulJ6nF3lbiG1h4pZkY5vrGjvFcfbN4YhSA+FepEolJAnWOtZBg9lswNSuIse3G lvBVHDiKdzpX3ey1qri1czIaC/r46OKW6YuAr4nzhoJKwdfpS34= =b7n1 -----END PGP SIGNATURE-----