-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
*******************************************************************************
*******
Title: Microsoft Security Update Releases
Issued: September 10, 2019 ****************************************************
**********************************
On September 10, the Major Revision Mailer that was sent contained incorrect
information. Following is the corrected mailer. We apologize for any
inconvenience.
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2018-15664
* CVE-2018-8269
* CVE-2019-1183
Revision Information:
=====================
- CVE-2018-15664 | Docker Elevation of Privilege Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-
15664
- Version: 2.0
- Reason for Revision: Microsoft has released an update to provide protection
for
Azure Kubernetes Service. Please see the Security Updates table and the FAQs
for
more information.
- Originally posted: July 9, 2019
- Updated: September 10, 2019
- Aggregate CVE Severity Rating: Important
- CVE-2018-8269 | OData Denial of Service Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-
8269
- Version: 2.0
- Reason for Revision: Revised the Security Updates table to include ASP.NET
Core 2.1
and 6.2 because they are affected by CVE-2018-8269. See (Add link to issue in
GitHub)
for more information.
- Originally posted: September 11, 2018
- Updated: September 10, 2019
- Aggregate CVE Severity Rating: Important
- CVE-2019-1183 | Windows VBScript Engine Remote Code Execution Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-
1183
- Version: 2.0
- Reason for Revision: This information is being revised to indicate that this
CVE
(CVE-2019-1183) is fully mitigated by the security updates for the
vulnerability
discussed in CVE-2019-1194. No update is required.
- Originally posted: August 13, 2019
- Updated: September 10, 2019
- Aggregate CVE Severity Rating: N/A
*******************************************************************************
*******
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers: ==================
====================================================================
If you receive an email message that claims to be distributing a Microsoft
security
update, it is a hoax that may contain malware or pointers to malicious websites.
Microsoft does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all
security
notifications. However, PGP is not required for reading security notifications,
reading security bulletins, or installing security updates. You can obtain the
MSRC
public PGP key at <https://technet.microsoft.com/security/dn753714>.
*******************************************************************************
*******
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS"
WITHOUT
WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR
IMPLIED,
INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
DAMAGES
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF
BUSINESS
PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE
BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL
OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. **************
************************************************************************
Microsoft respects your privacy. Please read our online Privacy Statement at
<http://go.microsoft.com/fwlink/?LinkId=81184>.
If you would prefer not to receive future technical security notification alerts
by
email from Microsoft and its family of companies please visit the following
website
to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.
These settings will not affect any newsletters you've requested or any mandatory
service communications that are considered part of certain Microsoft services.
For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.
This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELieOGq60dXLTFHFj30/5BMNBVX8FAl15DrYACgkQ30/5BMNB
VX/F/w/+MYokHNHtdszNIUa3xyvBsXMfKXcvjUay9pR0sjD3h6xd1IJyV6VkuoF0
daGhXYXbazY+qs4FwMoN9tAx3x0YDUAfQUTIEPvEjCFwiG/ToR/IekOwWFTX6aCT
V7N7NXu+smA2XH3+r329iI9q3XcWOIv4JW1S1hEFZQaLyFxNxAm8dfMANfflNxnp
oQ+h6rwCo9Kc82P5M/SbZpevR/3KSLDa5t7lvnYqT6vn/sNwtER598s4ajQyqBSA
pYl+JTifpOR3gmvEPnxaDAPtkmIxVXLBHaQqvvH2sgu1oapRTVvV5Eomk9qiRULN
zgR1GJ5lY1T3URLa3HV1jWSEFVqSYdaA3okGIXSQLIt/iTV1xZVfddL2VDLBVNqA
LGHzdbCwd5xo88ac4Brqvuw0y/qQ/b35QbWxIGYXYb9m3jpzZTSts/lAb/OKEfh+
sOyvA52Ihxmn7swxbSNj9N20UU6JsUtmmj8HtRWSkFQSPoiwCXvrkXNJyg4P6D9C
UTo8vIsXvT+IeJNs2iy1FR6/7N+evKoiugL+tW62u8kKi/7qwcd6NXes4fHqz9sX
oYe2sucKSGncTJIK6rkgki7lHrFtD5hoTyRkJ9yLWGe4igAiGaZ9EGFYT9LigE+O
Z7PcnVvIYloFkMCPGQ62v2/ZallSGNGXp/gJh7SiEUilVf9fkaQ=
=yaho
-----END PGP SIGNATURE-----
If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe: https://account.m
icrosoft.com/profile/unsubscribe?CTID=0&ECID=75jHR4ZFh9%2BK3JVkDc7NFwTrVh8ACXUo
vSxYkYKh8DY%3D&K=670ab7ee-f1af-4a98-9905-c329e1d632f6&CMID=null&D=6370365072826
60434&PID=18000&TID=adfd46f4-992a-45ec-935c-4c9bc4baf506
---
■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games
|
