Lucene search

K
mskbMicrosoftKB4019263
HistoryMay 09, 2017 - 7:00 a.m.

May 9, 2017—KB4019263 (Security-only update)

2017-05-0907:00:00
Microsoft
support.microsoft.com
26

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

Low

EPSS

0.589

Percentile

97.8%

May 9, 2017—KB4019263 (Security-only update)

Improvements and fixes

This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Updated Windows Cryptography API to deprecate SHA-1 for SSL/TLS Server Authentication, including in Microsoft Edge and Internet Explorer 11 . See Advisory 4010323 for more information.
  • Security updates to Microsoft Graphics Component, Windows COM, Microsoft ActiveX, Windows Server, Windows kernel, and Microsoft Windows DNS.

For more information about the security vulnerabilities resolved, please refer to the Security Update Guide.

Known issues in this update

Symptom Workaround
If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates. This issue is resovled by KB4022722.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

  • File information
    For a list of the files that are provided in this update, download the file information for cumulative update KB4019263.

More Information

  • This Security-Only Quality Update does not include security fixes for Internet Explorer. To obtain the security fixes for Internet Explorer, Cumulative Security Update for Internet Explorer KB4018271 should also be installed. Note that the Security Monthly Quality Rollup does contain security updates for Internet Explorer.
  • If you use update management processes other than Windows Update and you automatically approve all security updates classifications for deployment, this May 2017 Security-Only Quality Update KB4019263, the May 2017 Security Monthly Quality Rollup KB4018271, and the Cumulative Security Update for Internet Explorer KB4014661 are deployed. We recommend that you review your update deployment rules to make sure the desired updates are deployed.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

Low

EPSS

0.589

Percentile

97.8%