Tout d’abord, les nouvelles releases du mois….beaucoup sont importantes, donc Patchez ! ! !
This summary lists security updates released for June 2017.
Complete information for the June 2017 security update release can
Be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical Security Updates
============================
Critical Adobe Flash Player
Critical Internet Explorer 9
Critical Internet Explorer 10
Critical Internet Explorer 11
Critical Microsoft Edge
Critical Microsoft Office 2007 Service Pack 3
Critical Microsoft Office 2010 Service Pack 2 (32-bit editions)
Critical Microsoft Office 2010 Service Pack 2 (64-bit editions)
Critical Microsoft Office 2013 RT Service Pack 1
Critical Microsoft Office 2013 Service Pack 1 (32-bit editions)
Critical Microsoft Office 2013 Service Pack 1 (64-bit editions)
Critical Microsoft Office 2016 (32-bit edition)
Critical Microsoft Office 2016 (64-bit edition)
Critical Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Critical Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Critical Microsoft Office Compatibility Pack Service Pack 3
Critical Microsoft Office Web Apps 2010 Service Pack 2
Critical Microsoft Office Web Apps 2013 Service Pack 1
Critical Microsoft Office Word Viewer
Critical Microsoft Excel 2013 RT Service Pack 1
Critical Microsoft Outlook 2007 Service Pack 3
Critical Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Critical Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Critical Microsoft Outlook 2013 RT Service Pack 1
Critical Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Critical Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Critical Microsoft Outlook 2016 (32-bit edition)
Critical Microsoft Outlook 2016 (64-bit edition)
Critical Microsoft Outlook 2016 for Mac
Critical Microsoft PowerPoint 2007 Service Pack 3
Critical Microsoft PowerPoint 2013 RT Service Pack 1
Critical Microsoft PowerPoint 2016 for Mac
Critical Microsoft PowerPoint for Mac 2011
Critical Microsoft Project Server 2013 Service Pack 1
Critical Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Critical Microsoft SharePoint Enterprise Server 2016
Critical Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions)
Critical Microsoft SharePoint Server 2013 Service Pack 1
Critical Microsoft Word 2007 Service Pack 3
Critical Microsoft Word 2010 Service Pack 2 (32-bit editions)
Critical Microsoft Word 2010 Service Pack 2 (64-bit editions)
Critical Microsoft Word 2013 RT Service Pack 1
Critical Microsoft Word 2013 Service Pack 1 (32-bit editions)
Critical Microsoft Word 2013 Service Pack 1 (64-bit editions)
Critical Microsoft Word 2016 (32-bit edition)
Critical Microsoft Word 2016 (64-bit edition)
Critical Microsoft Word 2016 for Mac
Critical Microsoft Word for Mac 2011
Critical Skype for Business 2016 (32-bit)
Critical Skype for Business 2016 (64-bit)
Critical Microsoft Lync 2013 Service Pack 1 (32-bit)
Critical Microsoft Lync 2013 Service Pack 1 (64-bit)
Critical Microsoft Silverlight 5 Developer Runtime when installed on
Microsoft Windows (32-bit)
Critical Microsoft Silverlight 5 Developer Runtime when installed on
Microsoft Windows (x64-based)
Critical Microsoft Silverlight 5 when installed on Microsoft Windows (32-
bit)
Critical Microsoft Silverlight 5 when installed on Microsoft Windows (x64-
based)
Critical Windows 7 for 32-bit Systems Service Pack 1
Critical Windows 7 for x64-based Systems Service Pack 1
Critical Windows 8.1 for 32-bit systems
Critical Windows 8.1 for x64-based systems
Critical Windows RT 8.1
Critical Windows 10 for 32-bit Systems
Critical Windows 10 for x64-based Systems
Critical Windows 10 Version 1511 for 32-bit Systems
Critical Windows 10 Version 1511 for x64-based Systems
Critical Windows 10 Version 1607 for 32-bit Systems
Critical Windows 10 Version 1607 for x64-based Systems
Critical Windows Server 2008 for 32-bit Systems Service Pack 2
Critical Windows Server 2008 for 32-bit Systems Service Pack 2
(Server Core installation)
Critical Windows Server 2008 for Itanium-Based Systems Service
Pack 2
Critical Windows Server 2008 for x64-based Systems Service
Pack 2
Critical Windows Server 2008 for x64-based Systems Service
Pack 2 (Server Core installation)
Critical Windows Server 2008 R2 for Itanium-Based Systems
Service Pack 1
Critical Windows Server 2008 R2 for x64-based Systems Service
Pack 1
Critical Windows Server 2008 R2 for x64-based Systems Service
Pack 1 (Server Core installation)
Critical Windows Server 2012
Critical Windows Server 2012 (Server Core installation)
Critical Windows Server 2012 R2
Critical Windows Server 2012 R2 (Server Core installation)
Critical Windows Server 2016
Critical Windows Server 2016 (Server Core installation)
Puis 2 révisions, critiques encore une fois…..
The following CVEs have undergone a major revision increment.
* CVE-2017-0167
* CVE-2016-3326
Revision Information:
=====================
CVE-2017-0167
– Title: CVE-2017-0167 | Windows Kernel Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To comprehensively address CVE-2017-0167,
Microsoft has released security update 4022887 for supported
editions of Windows Server 2008, and Monthly Rollup 4015549 and
Security Update 4015546 for supported editions of Windows 7 and
Windows Server 2008 R2. Microsoft recommends that customers
running any of these affected editions of Windows should install
the applicable update to be fully protected from this
vulnerability. See Microsoft Knowledge Base Article 4022887,
Microsoft KB4015549 Release Notes, or KB4015546 Release Notes
for more information.
– Originally posted: April 11, 2017
– Updated: June 13, 2017
– CVE Severity Rating: Important
– Version: 2.0
CVE-2016-3326
– Title: CVE-2016-3326 | Microsoft Browser Information
Disclosure Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: Autust 09, 2016
– Updated: June 13, 2017
– CVE Severity Rating: Important
– Version: 2.0
et pour finir les autres révisions majeures – Major Revisions …
The following bulletins have undergone a major revision increment.
* MS16-095
* MS16-AUG
Revision Information:
=====================
MS16-095
– Title: Cumulative Security -Update for Internet Explorer (3177356)
– https:https://technet.microsoft.com/en-us/library/security/
ms16-095.aspx
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: August 9, 2016
– Updated: June 13, 2017
– CVE Severity Rating: Critical
– Version: 2.0
MS16-AUG
– Title: Microsoft Security Bulletin Summary for August 2016
– https:https://technet.microsoft.com/en-us/library/security/
ms16-aug.aspx
– Reason for Revision: To comprehensively address CVE-2016-3326,
Microsoft is releasing June security updates for all affected
Microsoft browsers. Microsoft recommends that customers running
affected Microsoft browsers should install the applicable June
security update to be fully protected from this vulnerability.
See the applicable Release Notes or Microsoft Knowledge Base
article for more information.
– Originally posted: August 09, 2016
– Updated: June 13, 2017
– CVE Severity Rating: N/A
– Version: 2.0
et
The following CVE has been revised in the May 2017 Security Updates.
* CVE-2017-0222
Revision Information:
=====================
CVE-2017-0222
– Title: CVE-2017-0222 | Internet Explorer Memory Corruption
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised Affected Products table to include
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems
Service Pack 2, and Internet Explorer 9 on Windows Server 2008
for x64-based Systems Service Pack 2. This is an informational
change only.
– Originally posted: May 9, 2017
– CVE Severity Rating: Critical
– Version: 2.1
Alors Express Files ou pas…. à vos WSUS/SCCM….Patchez !
PierrE