dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1016

dp
MVM
join:2000-12-08
Greensburg, PA

9 recommendations

dp

MVM

Microsoft Security Bulletin(s) for March 14, 2017

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/techne ··· security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/li ··· ms17-mar

Critical (9)

Microsoft Security Bulletin MS17-006
Cumulative Security Update for Internet Explorer (4013073)
»technet.microsoft.com/li ··· ms17-006

Microsoft Security Bulletin MS17-007
Cumulative Security Update for Microsoft Edge (4013071)
»technet.microsoft.com/li ··· ms17-007

Microsoft Security Bulletin MS17-008
Security Update for Windows Hyper-V (4013082)
»technet.microsoft.com/li ··· ms17-008

Microsoft Security Bulletin MS17-009
Security Update for Microsoft Windows PDF Library (4010319)
»technet.microsoft.com/li ··· ms17-009

Microsoft Security Bulletin MS17-010
Security Update for Microsoft Windows SMB Server (4013389)
»technet.microsoft.com/li ··· ms17-010

Microsoft Security Bulletin MS17-011
Security Update for Microsoft Uniscribe (4013076)
»technet.microsoft.com/li ··· ms17-011

Microsoft Security Bulletin MS17-012
Security Update for Microsoft Windows (4013078)
»technet.microsoft.com/li ··· ms17-012

Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)
»technet.microsoft.com/li ··· ms17-013

Microsoft Security Bulletin MS17-023
Security Update for Adobe Flash Player
»technet.microsoft.com/li ··· ms17-023

Important (9)

Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241)
»technet.microsoft.com/li ··· ms17-014

Microsoft Security Bulletin MS17-015
Security Update for Microsoft Exchange Server (4013242)
»technet.microsoft.com/li ··· ms17-015

Microsoft Security Bulletin MS17-016
Security Update for Windows IIS (4013074)
»technet.microsoft.com/li ··· ms17-016

Microsoft Security Bulletin MS17-017
Security Update for Windows Kernel (4013081)
»technet.microsoft.com/li ··· ms17-017

Microsoft Security Bulletin MS17-018
Security Update for Windows Kernel-Mode Drivers (4013083)
»technet.microsoft.com/li ··· ms17-018

Microsoft Security Bulletin MS17-019
Security Update for Active Directory Federation Services (4010320)
»technet.microsoft.com/li ··· ms17-019

Microsoft Security Bulletin MS17-020
Security Update for Windows DVD Maker (3208223)
»technet.microsoft.com/li ··· ms17-020

Microsoft Security Bulletin MS17-021
Security Update for Windows DirectShow (4010318)
»technet.microsoft.com/li ··· ms17-021

Microsoft Security Bulletin MS17-022
Security Update for Microsoft XML Core Services (4010321)
»technet.microsoft.com/li ··· ms17-022

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact: For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

See also: »blogs.technet.microsoft. ··· release/

NICK ADSL UK
MVM
join:2004-02-22
united kingd

NICK ADSL UK

MVM

Thanks Don

andyross
MVM
join:2003-05-04
Aurora, IL

1 recommendation

andyross to dp

MVM

to dp
Wow. Looks like they are making up for last month!!

VikingBob
Go Jets Go!
Premium Member
join:2004-06-05
MB Canada

1 recommendation

VikingBob

Premium Member

They are!

ltsnow
Premium Member
join:2006-04-08
Valdosta, GA

1 recommendation

ltsnow to dp

Premium Member

to dp
Thanks DP. Got 7 for XP.
Frodo
join:2006-05-05

4 edits

Frodo to dp

Member

to dp
I ran into a problem with these updates. I use Password Safe for passwords. If the password database was ever stolen, cracking attempts could be attempted endlessly on it. So, I like to use a long password including unicode, like this:
uÈ™6GØ%ʳqJMÝsý¼mZpFïûAED13b8©kJ&MbRorjvTxY±2XñÐy9½©Ýf3bCb™éÃhf$
Obviously, I wouldn't want to remember this password, let alone type it, so I made an .hta program that generates the password. After the update, the unicode password generated is different. I can feed the program an ansi string of characters, and the password is the same after the updates.

I've been using this for years. My XP hadn't updated yet, so I generated the password on that box, and changed the password on Passsafe to an ansi one.

Now, we had an IE update which mshta.exe is based on, and this Uniscribe update that controls "typography".

Something is not happy with my password generator and unicode.

Edit: It generates the same alternate password on Win 7 starter, 8 Pro and 10 whatever, all post update. On pre-update Vista, XP and Win 2000, it generates the same password as was generated on my main box prior to these updates. Me thinks there is some kind of problem in Unicode-land.

Edit: The problem manifested itself in Vista. I uninstalled the update associated with MS17-006, which for Vista was 4012204, and the problem cleared. Reinstalled it, and the problem came back. My guess is, this update doesn't handle Unicode properly, and has probably introduced a new vulnerability.

Yet another edit: It's not unicode. It has been a while since I wrote the script. It is high ansi. I added certain characters between Ansi 128 and Ansi 255. I wanted additional characters to make any cracker work that much harder.

andyross
MVM
join:2003-05-04
Aurora, IL

andyross to dp

MVM

to dp
For reference, on my Win10 computer, there were 4 Windows updates (Cumulative, Flash, MSRT, Servicing Stack Update [again?]), and 6 for Office 2007.

GuruGuy
Premium Member
join:2002-12-16
Atlanta, GA

GuruGuy to dp

Premium Member

to dp
Anyone experiencing extremely long boot times after this patch Tuesday? I certainly have an issue on one Win10. After the login screen it just sits at a black screen for about 2-3 mins with the disk light on, then finally comes up to the desktop. Prior to these patches, boot time was less than a minute.