Patch Tuesday ! ! ! et il est chargé…

Publié le 14/06/2017 par

Tout d’abord, les nouvelles releases du mois….beaucoup sont importantes, donc Patchez ! ! !

This summary lists security updates released for June 2017.
Complete information for the June 2017 security update release can
Be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical Security Updates
============================
Critical        Adobe Flash Player
Critical        Internet Explorer 9
Critical        Internet Explorer 10
Critical        Internet Explorer 11
Critical        Microsoft Edge
Critical        Microsoft Office 2007 Service Pack 3
Critical        Microsoft Office 2010 Service Pack 2 (32-bit editions)
Critical        Microsoft Office 2010 Service Pack 2 (64-bit editions)
Critical        Microsoft Office 2013 RT Service Pack 1
Critical        Microsoft Office 2013 Service Pack 1 (32-bit editions)
Critical        Microsoft Office 2013 Service Pack 1 (64-bit editions)
Critical        Microsoft Office 2016 (32-bit edition)
Critical        Microsoft Office 2016 (64-bit edition)
Critical        Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Critical        Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Critical        Microsoft Office Compatibility Pack Service Pack 3
Critical        Microsoft Office Web Apps 2010 Service Pack 2
Critical        Microsoft Office Web Apps 2013 Service Pack 1
Critical        Microsoft Office Word Viewer
Critical        Microsoft Excel 2013 RT Service Pack 1
Critical        Microsoft Outlook 2007 Service Pack 3
Critical        Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Critical        Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Critical        Microsoft Outlook 2013 RT Service Pack 1
Critical        Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Critical        Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Critical        Microsoft Outlook 2016 (32-bit edition)
Critical        Microsoft Outlook 2016 (64-bit edition)
Critical        Microsoft Outlook 2016 for Mac
Critical        Microsoft PowerPoint 2007 Service Pack 3
Critical        Microsoft PowerPoint 2013 RT Service Pack 1
Critical        Microsoft PowerPoint 2016 for Mac
Critical        Microsoft PowerPoint for Mac 2011
Critical        Microsoft Project Server 2013 Service Pack 1
Critical        Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Critical        Microsoft SharePoint Enterprise Server 2016
Critical        Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions)
Critical        Microsoft SharePoint Server 2013 Service Pack 1
Critical        Microsoft Word 2007 Service Pack 3
Critical        Microsoft Word 2010 Service Pack 2 (32-bit editions)
Critical        Microsoft Word 2010 Service Pack 2 (64-bit editions)
Critical        Microsoft Word 2013 RT Service Pack 1
Critical        Microsoft Word 2013 Service Pack 1 (32-bit editions)
Critical        Microsoft Word 2013 Service Pack 1 (64-bit editions)
Critical        Microsoft Word 2016 (32-bit edition)
Critical        Microsoft Word 2016 (64-bit edition)
Critical        Microsoft Word 2016 for Mac
Critical        Microsoft Word for Mac 2011
Critical        Skype for Business 2016 (32-bit)
Critical        Skype for Business 2016 (64-bit)
Critical        Microsoft Lync 2013 Service Pack 1 (32-bit)
Critical        Microsoft Lync 2013 Service Pack 1 (64-bit)
Critical        Microsoft Silverlight 5 Developer Runtime when installed on
Microsoft Windows (32-bit)
Critical        Microsoft Silverlight 5 Developer Runtime when installed on
Microsoft Windows (x64-based)
Critical        Microsoft Silverlight 5 when installed on Microsoft Windows (32-
bit)
Critical        Microsoft Silverlight 5 when installed on Microsoft Windows (x64-
based)
Critical        Windows 7 for 32-bit Systems Service Pack 1
Critical        Windows 7 for x64-based Systems Service Pack 1
Critical        Windows 8.1 for 32-bit systems
Critical        Windows 8.1 for x64-based systems
Critical        Windows RT 8.1
Critical        Windows 10 for 32-bit Systems
Critical        Windows 10 for x64-based Systems
Critical        Windows 10 Version 1511 for 32-bit Systems
Critical        Windows 10 Version 1511 for x64-based Systems
Critical        Windows 10 Version 1607 for 32-bit Systems
Critical        Windows 10 Version 1607 for x64-based Systems
Critical        Windows Server 2008 for 32-bit Systems Service Pack 2
Critical        Windows Server 2008 for 32-bit Systems Service Pack 2
(Server Core installation)
Critical        Windows Server 2008 for Itanium-Based Systems Service
Pack 2
Critical        Windows Server 2008 for x64-based Systems Service
Pack 2
Critical        Windows Server 2008 for x64-based Systems Service
Pack 2 (Server Core installation)
Critical        Windows Server 2008 R2 for Itanium-Based Systems
Service Pack 1
Critical        Windows Server 2008 R2 for x64-based Systems Service
Pack 1
Critical        Windows Server 2008 R2 for x64-based Systems Service
Pack 1 (Server Core installation)
Critical        Windows Server 2012
Critical        Windows Server 2012 (Server Core installation)
Critical        Windows Server 2012 R2
Critical        Windows Server 2012 R2 (Server Core installation)
Critical        Windows Server 2016
Critical        Windows Server 2016 (Server Core installation)

Puis 2 révisions, critiques encore une fois…..

The following CVEs have undergone a major revision increment.
* CVE-2017-0167
* CVE-2016-3326
Revision Information:
=====================
CVE-2017-0167
– Title: CVE-2017-0167 | Windows Kernel Information Disclosure
Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To comprehensively address CVE-2017-0167,
Microsoft has released security update 4022887 for supported
editions of Windows Server 2008, and Monthly Rollup 4015549 and
Security Update 4015546 for supported editions of Windows 7 and
Windows Server 2008 R2. Microsoft recommends that customers
running any of these affected editions of Windows should install
the applicable update to be fully protected from this
vulnerability. See Microsoft Knowledge Base Article 4022887,
Microsoft KB4015549 Release Notes, or KB4015546 Release Notes
for more information.
– Originally posted: April 11, 2017
– Updated: June 13, 2017
– CVE Severity Rating: Important
– Version: 2.0
CVE-2016-3326
– Title: CVE-2016-3326 | Microsoft Browser Information
Disclosure Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: Autust 09, 2016
– Updated: June 13, 2017
– CVE Severity Rating: Important
– Version: 2.0

et pour finir les autres révisions majeures – Major Revisions …

The following bulletins have undergone a major revision increment.
* MS16-095
* MS16-AUG
Revision Information:
=====================
MS16-095
– Title: Cumulative Security -Update for Internet Explorer (3177356)
https:https://technet.microsoft.com/en-us/library/security/
ms16-095.aspx
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: August 9, 2016
– Updated: June 13, 2017
– CVE Severity Rating: Critical
– Version: 2.0
MS16-AUG
– Title: Microsoft Security Bulletin Summary for August 2016
https:https://technet.microsoft.com/en-us/library/security/
ms16-aug.aspx
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: August 09, 2016
– Updated: June 13, 2017
– CVE Severity Rating: N/A
– Version: 2.0

 

et

The following CVE has been revised in the May 2017 Security Updates.
* CVE-2017-0222
Revision Information:
=====================
CVE-2017-0222
– Title: CVE-2017-0222 | Internet Explorer Memory Corruption
Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised Affected Products table to include
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems
Service Pack 2, and Internet Explorer 9 on Windows Server 2008
for x64-based Systems Service Pack 2. This is an informational
change only.
– Originally posted: May 9, 2017
– CVE Severity Rating: Critical
– Version: 2.1

 

Alors Express Files ou pas…. à vos WSUS/SCCM….Patchez !

PierrE

A propos Red Kaffe

IT Trainer and Consultant on Microsoft Technologies. Windows Server and Client, Service Center 2012, WSUS/MDT/ADK/WAIK, SBS 2008/2011, Office 365, etc. Fully dedicated to support and train my customers...
Cet article a été publié dans 2008R2, 2012R2, 2016, Audit, Deployment, Ransomeware, Security, System Center, Windows 7, Windows 8, Windows 8.1, Windows10, WS 2012, WS2015TP, WSUS. Ajoutez ce permalien à vos favoris.

Répondre

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:

Gravatar
Logo WordPress.com

Vous commentez à l'aide de votre compte WordPress.com. Déconnexion /  Changer )

Photo Google

Vous commentez à l'aide de votre compte Google. Déconnexion /  Changer )

Image Twitter

Vous commentez à l'aide de votre compte Twitter. Déconnexion /  Changer )

Photo Facebook

Vous commentez à l'aide de votre compte Facebook. Déconnexion /  Changer )

Annuler

Connexion à %s