Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2017.0160 Security updates for Microsoft Lync and Skype for Business 11 October 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Skype for Business Microsoft Lync Operating System: Windows Impact/Access: Increased Privileges -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2017-11786 Member content until: Friday, November 10 2017 OVERVIEW Microsoft has released its monthly security patch update for the month of October 2017. [1] This update resolves 1 vulnerabilities across the following products: Microsoft Lync 2013 Service Pack 1 (32-bit) Microsoft Lync 2013 Service Pack 1 (64-bit) Skype for Business 2016 (32-bit) Skype for Business 2016 (64-bit) IMPACT Microsoft has given the following details regarding these ulnerabilities. Details Impact Severity CVE-2017-11786 Elevation of Privilege Important MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1] KB4011159, KB4011179 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWd18HYx+lLeg9Ub1AQg3Fw/9F9SQKPUSzkKCYMDAe/xe7iztP0PvE046 81ehnUeRa+9JF2VVV9nmnJkEQgMOMCAEA0E1zcx0G9nsNuAwaE1NG9ooeSb2gCvv bsNVGG1H+HR3//dFQaF7bQ2D//SxTfasHOkec/wD0ihXPVB2xZN05hL+beJTNsvP tzNgXHfZ+r5wqZTFnhv1lWT5NrdxNZuppsTHyO0rbT8wsiv4sdbG0ckB2qEal9ay mEWoEDX3P/swpOfaiRGVJJR1TVd5pCibW0Ku5i6xfv4kEXwMob1VbLYnxcf8dBWu XY46csDmUgWXiYO7Q0hm9IR+WSlalxIAC/Y1xwRnaFiu/qGSGirPMtdQ7lctt8sU MHlskAgmyuIATgQ8cEyRazju0eYrxts0CzIx2GRJnISrgkS3eFbDBJLqSNB5AKtK N6XyLIZx011Xpmtk5Cv1j5u0YGeGaeeWhTowVK9O/VbCVI5/WBaKEaRJgBMyi2qz XfTtUHN9eMQ8UiMayY8BHQQXydtHcuXng9enJqz3Qq9IEPcSfho8z4xz6ZtZyqzN Y5F1Ou+Vwh1i4qHGEFVOQF9Tz+tjzSI1/grfyzEpI9tZXIyfFX87lJe658yHVX30 APvahwwyQpeW52HqaWlDY12tOdKUaWUIKuIfS1RuB3wJveeU469r/62S+VRg0PUv TmxELDtWVOk= =qJr8 -----END PGP SIGNATURE-----