A
Abraham54
Gast
**************************************************************************************
Title: Microsoft Security Advisory Notification
Issued: May 14, 2019
**************************************************************************************
Security Advisories Released or Updated on May 14, 2019
======================================================================================
* Microsoft Security Advisory ADV990001
- ADV990001 | Latest Servicing Stack Updates
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
- Reason for Revision: A Servicing Stack Update has been released for Windows 10
version 1507, Windows 10 version 1607, Windows Server 2016, Windows 10 version
1703, Windows 10 version 1709, Windows Server, version 1709, Windows 10 version
1803, Windows Server, version 1803, Windows 10 version 1809, Windows Server 2019,
Windows 10 version 1809 and Windows Server, version 1809. See the FAQ section for
more information.
- Originally posted: November 13, 2018
- Updated: May 14, 2019
- Version: 8.0
* Microsoft Security Advisory ADV190012
- ADV190012 | May 2019 Adobe Flash Security Update
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190012
- Reason for Revision: Information published.
- Originally posted: May 14, 2019
- Updated: N/A
- Version: 1.0
* Microsoft Security Advisory ADV190013
- ADV190013 | Microsoft Guidance to mitigate Microarchitectural Data Sampling
vulnerabilities
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190013
- Reason for Revision: Information published.
- Originally posted: May 14, 2018
- Updated: N/A
- Version: 1.0
* Microsoft Security Advisory ADV190006
- ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190006
- Reason for Revision: On May 14, 2019, Microsoft released security updates to
introduce a new trust flag to add a new safe default configuration for
CVE-2018-0683, the CVE that addresses the issue described in this vulnerability.
For more information please see https://support.microsoft.com/en-us/help/4490425/
updates-to-tgt-delegation-across-incoming-trusts-in-windows-server.
See CVE-2019-0863 for links to download the updates.
- Originally posted: February 12, 2019
- Updated: May 14, 2019
- Version: 1.3
* Microsoft Security Advisory ADV190009
- ADV190009 | SHA-2 Code Sign Support Advisory
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190009
- Reason for Revision: Microsoft is announcing the availability of the support
SHA-2 code sign support for Windows Server 2008 Service Pack 2.
- Originally posted: March 12, 2019
- Updated: May 14, 2019
- Version: 2.0
======================================================================================
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
======================================================================================
If you receive an email message that claims to be distributing a Microsoft security
update, it is a hoax that may contain malware or pointers to malicious websites.
Microsoft does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security
notifications. However, PGP is not required for reading security notifications,
reading security bulletins, or installing security updates. You can obtain the MSRC
public PGP key at <https://technet.microsoft.com/security/dn753714>.
**************************************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT
WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED,
INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS
PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL
OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
**************************************************************************************
Title: Microsoft Security Advisory Notification
Issued: May 14, 2019
**************************************************************************************
Security Advisories Released or Updated on May 14, 2019
======================================================================================
* Microsoft Security Advisory ADV990001
- ADV990001 | Latest Servicing Stack Updates
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
- Reason for Revision: A Servicing Stack Update has been released for Windows 10
version 1507, Windows 10 version 1607, Windows Server 2016, Windows 10 version
1703, Windows 10 version 1709, Windows Server, version 1709, Windows 10 version
1803, Windows Server, version 1803, Windows 10 version 1809, Windows Server 2019,
Windows 10 version 1809 and Windows Server, version 1809. See the FAQ section for
more information.
- Originally posted: November 13, 2018
- Updated: May 14, 2019
- Version: 8.0
* Microsoft Security Advisory ADV190012
- ADV190012 | May 2019 Adobe Flash Security Update
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190012
- Reason for Revision: Information published.
- Originally posted: May 14, 2019
- Updated: N/A
- Version: 1.0
* Microsoft Security Advisory ADV190013
- ADV190013 | Microsoft Guidance to mitigate Microarchitectural Data Sampling
vulnerabilities
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190013
- Reason for Revision: Information published.
- Originally posted: May 14, 2018
- Updated: N/A
- Version: 1.0
* Microsoft Security Advisory ADV190006
- ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190006
- Reason for Revision: On May 14, 2019, Microsoft released security updates to
introduce a new trust flag to add a new safe default configuration for
CVE-2018-0683, the CVE that addresses the issue described in this vulnerability.
For more information please see https://support.microsoft.com/en-us/help/4490425/
updates-to-tgt-delegation-across-incoming-trusts-in-windows-server.
See CVE-2019-0863 for links to download the updates.
- Originally posted: February 12, 2019
- Updated: May 14, 2019
- Version: 1.3
* Microsoft Security Advisory ADV190009
- ADV190009 | SHA-2 Code Sign Support Advisory
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190009
- Reason for Revision: Microsoft is announcing the availability of the support
SHA-2 code sign support for Windows Server 2008 Service Pack 2.
- Originally posted: March 12, 2019
- Updated: May 14, 2019
- Version: 2.0
======================================================================================
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
======================================================================================
If you receive an email message that claims to be distributing a Microsoft security
update, it is a hoax that may contain malware or pointers to malicious websites.
Microsoft does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security
notifications. However, PGP is not required for reading security notifications,
reading security bulletins, or installing security updates. You can obtain the MSRC
public PGP key at <https://technet.microsoft.com/security/dn753714>.
**************************************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT
WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED,
INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS
PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL
OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
**************************************************************************************