A short supplement from last week. Microsoft has released some Security Advisory Notifications and Update Revision Notifications for March 12 and 14, 2019.
**************************************************************************************
Title: Microsoft Security Advisory Notification
Issued: March 12, 2019
**************************************************************************************
Security Advisories Released or Updated on March 12, 2019
=====================================================================
* Microsoft Security Advisory ADV990001
– ADV990001 | Latest Servicing Stack Updates
– ADV990001
– Reason for Revision: A Servicing Stack Update has been released for Windows 7 and
Windows Server 2008 R2 and Windows Server 2008 R2 (Server Core installation). See
the FAQ section for more information.
– Originally posted: November 13, 2018
– Updated: March 12, 2019
– Version: 6.0
* Microsoft Security Advisory ADV190005
– ADV190005 | Guidance to adjust HTTP/2 SETTINGS frames
– ADV190005
– Reason for Revision: Updated the advisory text. This is an informational change
only.
– Originally posted: February 20, 2019
– Updated: March 12, 2019
– Version: 1.1
* Microsoft Security Advisory ADV190008
– ADV190008 | March 2019 Adobe Flash Security Update
– ADV190008
– Reason for Revision: Information published.
– Originally posted: March 12, 2019
– Updated: N/A
– Version: 1.0
* Microsoft Security Advisory ADV190009
– ADV190009 | SHA-2 Code Sign Support Advisory
– ADV190009
– Reason for Revision: Information publsihed.
– Originally posted: March 12, 2019
– Updated: N/A
– Version: 1.0
* Microsoft Security Advisory ADV190010
– ADV190010 | Best Practices Regarding Sharing of a Single User Account Across
Multiple Users
– ADV190010
– Reason for Revision: Information publsihed.
– Originally posted: March 12, 2019
– Updated: N/A
***************************************************************************
Title: Microsoft Security Update Releases
Issued: March 12, 2019
***************************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2019-0601
* CVE-2019-0604
* CVE-2019-0624
Revision Information:
=====================
– CVE-2019-0601
– Version: 2.0
– Reason for Revision: CVE re-released to address a regression introduced in the
original updates. Customers affected by the regression should install the security
updates released on March 12, 2019.
– Originally posted: February 12, 2019
– Updated: March 12, 2019
– Aggregate CVE Severity Rating: Important
– CVE-2019-0604
– Version: 2.0
– Reason for Revision: To comprehensively address CVE-2019-0604 Microsoft is releasing
the following security updates: 4462199 for Microsoft SharePoint Server 2019,
4462211 for Microsoft SharePoint Enterprise Server 2016, 4462202 for Microsoft
SharePoint Foundation 2013 Service Pack 1, and 4462184 for Microsoft SharePoint
Server 2010 Service Pack 2. Microsoft recommends that customers running these
versions of SharePoint Server install the updates to be protected from this
vulnerability.
– Originally posted: February 12, 2019
– Updated: March 12, 2019
– Aggregate CVE Severity Rating: Critical
– CVE-2019-0624
– Version: 2.0
– Reason for Revision: Added Microsoft Lync Server 2013 July 2018 Update to the
Security Updates table as it addresses this vulnerability.
– Originally posted: January 16, 2019
– Updated: March 12, 2019
– Aggregate CVE Severity Rating: Important
***********************************************************************
Title: Microsoft Security Update Releases
Issued: March 14, 2019
***********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2019-0804
Revision Information:
=====================
– CVE-2019-0804
– Version: 1.0
– Reason for Revision: Information published.
– Originally posted: March 14, 2019
– Updated: N/A
– Aggregate CVE Severity Rating: Important
