deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190925101810 (#1197)

Browse Source
This commit is contained in:
John Liu 2019-09-25 10:58:14 -07:00 committed by GitHub
parent ce1d24911f
commit 8e7d8ca1fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/release-information/windows-message-center.yml
View File

@ -50,7 +50,7 @@ sections:
text: "
<table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
<tr><td><a href = 'https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367' target='_blank'><b>Advisory: Scripting Engine Memory Corruption Vulnerability (CVE-2019-1367)</b></a><br><div>On September 23, 2019, Microsoft released a security update to address a remote code execution vulnerability in the way the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could gain the same user permissions as the current user. For example, if a user is logged on with administrative rights, an attacker could take control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.&nbsp;Alternatively, an attacker could host a specially crafted website targeting Internet Explorer and then entice a user to open web page or a malicious document attached to an e-mail. For more information about the vulnerability, see the Microsoft Security Guide&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div><div>&nbsp;</div><div>Mitigation for this vulnerability is available from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/\" target=\"_blank\">Microsoft Security Update Guide</a>. For the best protection, we recommend you apply the latest Windows updates and follow security best practices and do not open attachments or documents from an untrusted&nbsp;source. For more information about the vulnerability, see the Microsoft Security Guide:&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div><div><br></div><div><strong>Update:</strong> Starting September 24, 2019, mitigation for this vulnerability is included as part of the 9C optional update, via Windows Update (WU) and Microsoft Update Catalog, for all supported versions of Windows 10, with the exception of Windows 10, version 1903 and Windows 10, version 1507 (LTSB). For devices running Windows 10, version 1903, mitigation for this vulnerability will be included as part of the 9D optional update via WU, WSUS and the Microsoft Update Catalog (targeted for September 26, 2019.)&nbsp;To apply this update, go to <strong>Settings &gt; Windows Update &gt; Check for Updates</strong>. (<strong>Note</strong> Because this update requires a reboot, we are making it optional to give customers and administrators a choice to install/deploy the update now.)&nbsp;</div><div><br></div><div>For customers running Windows 8.1/ Windows Server 2012 R2 or below, the 9C update is also available on Windows Server Update Services (WSUS).&nbsp;For other supported versions, IT admins using WSUS can import this update&nbsp;into WSUS/SCCM manually. See instructions on the <a href=\"https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site#the-microsoft-update-catalog-site\" target=\"_blank\"><u>WSUS and the Catalog Site</u></a>.</div></td><td>September 24, 2019 <br>05:00 PM PT</td></tr>
<tr><td><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367' target='_blank'><b>Advisory: Scripting Engine Memory Corruption Vulnerability (CVE-2019-1367)</b></a><br><div>On September 23, 2019, Microsoft released a security update to address a remote code execution vulnerability in the way the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could gain the same user permissions as the current user. For example, if a user is logged on with administrative rights, an attacker could take control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.&nbsp;Alternatively, an attacker could host a specially crafted website targeting Internet Explorer and then entice a user to open web page or a malicious document attached to an e-mail. For more information about the vulnerability, see the Microsoft Security Guide&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div><div>&nbsp;</div><div>Mitigation and more information for this vulnerability is available from the&nbsp;Microsoft Security Update Guide at <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;For the best protection, we recommend you apply the latest Windows updates and follow security best practices and do not open attachments or documents from an untrusted&nbsp;source.&nbsp;</div><div><br></div><div><strong>Update:</strong> Starting September 24, 2019, mitigation for this vulnerability is included as part of the 9C optional update, via Windows Update (WU) and Microsoft Update Catalog, for all supported versions of Windows 10, with the exception of Windows 10, version 1903 and Windows 10, version 1507 (LTSB). For devices running Windows 10, version 1903, mitigation for this vulnerability will be included as part of the 9D optional update via WU, WSUS and the Microsoft Update Catalog (targeted for September 26, 2019.)&nbsp;To apply this update, go to <strong>Settings &gt; Windows Update &gt; Check for Updates</strong>. (<strong>Note</strong> Because this update requires a reboot, we are making it optional to give customers and administrators a choice to install/deploy the update now.)&nbsp;</div><div><br></div><div>For customers running Windows 8.1/ Windows Server 2012 R2 or below, the 9C update is also available on Windows Server Update Services (WSUS).&nbsp;For other supported versions of Windows, IT admins using WSUS can import this update&nbsp;into WSUS/SCCM manually from Microsoft Update Catalog. See instructions on the <a href=\"https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site#the-microsoft-update-catalog-site\" target=\"_blank\"><u>WSUS and the Catalog Site</u></a>.</div></td><td>September 24, 2019 <br>05:00 PM PT</td></tr>
<tr><td><b>Status update: September 2019 Windows \"C\" optional release available</b><br><div>The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>September 24, 2019 <br>08:10 AM PT</td></tr>
<tr><td><b>Plan for change: Windows Media Center Electronic Program Guide retiring in January 2020</b><br><div>Starting in January 2020, Microsoft is retiring its Electronic Program Guide (EPG) service for all versions of Windows Media Center. To continue receiving TV Program Guide information on your Windows Media Center, youll need to configure an alternate TV listing provider.</div></td><td>September 24, 2019 <br>08:00 AM PT</td></tr>
<tr><td><b>Status of September 2019 “C” release</b><br><div>The optional monthly “C” release for September 2019 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow <a href=\"https://twitter.com/windowsupdate\" target=\"_blank\"><u>@WindowsUpdate</u></a> for the latest on the availability of this release.</div></td><td>September 19, 2019 <br>04:11 PM PT</td></tr>