Microsoft Outlook security update revisions (July 27, 2017)

Microsoft has undertaken CVE-2017-8571, CVE-2017-8572, and CVE-2017-8663 addressing vulnerabilities within Microsoft Outlook a major revision. The reason is to fix vulnerabilities (and known issues) in affected Office versions.


Advertising

CVE-2017-8571

– Title: CVE-2017-8571 | Microsoft Office Outlook Security Feature
   Bypass Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: CVE-2017-8571 has been added to the July
   2017 Security Updates. Microsoft recommends that customers running
   affected editions of Microsoft Office install the applicable July
   security updates to be fully protected from this vulnerability
   and to address known issues 1 through 4 in the June 2017 security
   updates for Microsoft Outlook. For more information see the Update
   FAQ section of this CVE.
– Originally posted: July 27, 2017 
– Updated: N/A
– CVE Severity Rating: Important
– Version: 1.0

CVE-2017-8572

– Title: CVE-2017-8572 | Microsoft Office Outlook Information
   Disclosure Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: CVE-2017-8572 has been added to the July
   2017 Security Updates. Microsoft recommends that customers running
   affected editions of Microsoft Office install the applicable July
   security updates to be fully protected from this vulnerability
   and to address known issues 1 through 4 in the June 2017 security
   updates for Microsoft Outlook. For more information see the Update
   FAQ section of this CVE.
– Originally posted: July 27, 2017
– Updated: N/A
– CVE Severity Rating: Important
– Version: 1.0

CVE-2017-8663


Advertising

– Title: CVE-2017-8663 | Microsoft Office Outlook Memory Corruption
   Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: CVE-2017-8663 has been added to the July
   2017 Security Updates. Microsoft recommends that customers running
   affected editions of Microsoft Office install the applicable July
   security updates to be fully protected from this vulnerability
   and to address known issues 1 through 4 in the June 2017 security
   updates for Microsoft Outlook. For more information see the Update
   FAQ section of this CVE.
– Originally posted: July 27, 2017
– Updated: N/A
– CVE Severity Rating: Important
– Version: 1.0

Currently it's not clear, whether the new Outlook security updates are fixing the Outlook issues (see my blog post Microsoft pulls Updates for Outlook 2010/2013/2016). The text above say, they addressed known issues 1-4, but the KB articles hasn't been updated yet.


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in Office, Update and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *