Microsoft Security Bulletins for 14 March 2017

[winchester73]

The full version of the Microsoft Security Bulletin Summary for March 2017 can be found at https://technet.microsoft.com/library/security/ms17-mar

Microsoft has released the following Security Bulletins:


Critical (9)

Microsoft Security Bulletin MS17-006
Cumulative Security Update for Internet Explorer (4013073) https://technet.microsoft.com/library/security/ms17-006

Microsoft Security Bulletin MS17-007
Cumulative Security Update for Microsoft Edge (4013071) https://technet.microsoft.com/library/security/ms17-007

Microsoft Security Bulletin MS17-008
Security Update for Windows Hyper-V (4013082) https://technet.microsoft.com/library/security/ms17-008

Microsoft Security Bulletin MS17-009
Security Update for Microsoft Windows PDF Library (4010319) https://technet.microsoft.com/library/security/ms17-009

Microsoft Security Bulletin MS17-010
Security Update for Microsoft Windows SMB Server (4013389) https://technet.microsoft.com/library/security/ms17-010

Microsoft Security Bulletin MS17-011
Security Update for Microsoft Uniscribe (4013076) https://technet.microsoft.com/library/security/ms17-011

Microsoft Security Bulletin MS17-012
Security Update for Microsoft Windows (4013078) https://technet.microsoft.com/library/security/ms17-012

Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075) https://technet.microsoft.com/library/security/ms17-013

Microsoft Security Bulletin MS17-023
Security Update for Adobe Flash Player https://technet.microsoft.com/library/security/ms17-023


Important (9)

Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241) https://technet.microsoft.com/library/security/ms17-014

Microsoft Security Bulletin MS17-015
Security Update for Microsoft Exchange Server (4013242) https://technet.microsoft.com/library/security/ms17-015

Microsoft Security Bulletin MS17-016
Security Update for Windows IIS (4013074) https://technet.microsoft.com/library/security/ms17-016

Microsoft Security Bulletin MS17-017
Security Update for Windows Kernel (4013081) https://technet.microsoft.com/library/security/ms17-017

Microsoft Security Bulletin MS17-018
Security Update for Windows Kernel-Mode Drivers (4013083) https://technet.microsoft.com/library/security/ms17-018

Microsoft Security Bulletin MS17-019
Security Update for Active Directory Federation Services (4010320) https://technet.microsoft.com/library/security/ms17-019

Microsoft Security Bulletin MS17-020
Security Update for Windows DVD Maker (3208223) https://technet.microsoft.com/library/security/ms17-020

Microsoft Security Bulletin MS17-021
Security Update for Windows DirectShow (4010318) https://technet.microsoft.com/library/security/ms17-021

Microsoft Security Bulletin MS17-022
Security Update for Microsoft XML Core Services (4010321) https://technet.microsoft.com/library/security/ms17-022

[Corrine]

A bit of additional information:  Although this was to be the start of replacing security bulletins with the new Security Updates Guide, security bulletins were also published this month to provide extra time to prepare for the transition. The new guide includes the ability to view and search security vulnerability information in a single online database. The guide is described as a "portal" by the MSRC Team in Furthering our commitment to security updates.

The updates address vulnerabilities in Microsoft Windows, Microsoft Edge, Internet Explorer, Microsoft Office, Skype for Business, Microsoft Lync, Microsoft Silverlight, Microsoft Server Software, Microsoft Communications Platforms and Software, Microsoft Exchange and Adobe Flash Player for Windows 8.1 and above.

Addressed in the updates are Remote Code Execution, Information Disclosure and Elevation of Privilege.

[plodr]

Thanks.
I found this from one of Corrine's links to be more useful to me
https://portal.msrc.microsoft.com/en-us/security-guidance/summary

However, it fails to list the Security only Monthly update KB4012212.

[Corrine]

Microsoft released a new cumulative update for PCs running the "Anniversary Update, Version 1607.  KB4015438 replaces KB4013429 and is a quality improvement update and does not include any new features.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed.

The update is available from Windows Update.  The standalone package is available in the Microsoft Update Catalog.

[Corrine]

Microsoft released three replacement cumulative updates.

There is one update each for Windows 10 version 1607 (Anniversary  Update) and version 1511.  The update includes quality improvements with  no new operating system features introduced.  The third update is for Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1.

See the KB articles for additional information:

• Windows 10, 1607, OS Build 14393.970:  KB4016635
  
• Windows 10, 1511, OS Build 10586.842:  KB4016636
  
• Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1:  KB4016446