Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Microsoft security updates

Number: AV17-189
Date: 12 December 2017

Purpose

The purpose of this advisory is to bring attention to recently released Microsoft Security Updates.

Assessment

This advisory covers multiple support package deployments addressing multiple vulnerabilities in various Microsoft products including Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Exchange Server, ChakraCore and Microsoft Malware Protection Engine.

CVE References: CVE-2017-11885, CVE-2017-11886, CVE-2017-11887, CVE-2017-11888, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11899, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11906, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, CVE-2017-11919, CVE-2017-11927, CVE-2017-11930, CVE-2017-11932, CVE-2017-11934, CVE-2017-11935, CVE-2017-11936, CVE-2017-11939, CVE-2017-11940

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/c383fa60-b852-e711-80dd-000d3a32f9b6
https://portal.msrc.microsoft.com/en-us/security-guidance

Date modified: