-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
**************************************************************************************
Title: Microsoft Security Update Releases
Issued: February 17, 2021
**************************************************************************************
Summary
=======
The following CVEs and advisory have undergone a major revision increment:
* CVE-2021-24067
* CVE-2021-24069
* ADV990001
- CVE-2021-24067 | Microsoft Excel Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24067
- Version 2.0
- Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this vulnerability.
Customers running other Microsoft Office software do not need to take any action.
See the Release Notes for more information and download links.
- Originally posted: February 9, 2021
- Updated: February 16, 2021
- Aggregate CVE Severity Rating: Important
- CVE-2021-24069 | Microsoft Excel Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24069
- Version 2.0
- Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this vulnerability.
Customers running other Microsoft Office software do not need to take any action.
See the Release Notes for more information and download links.
- Originally posted: February 9, 2021
- Updated: February 16, 2021
- Aggregate CVE Severity Rating: Important
- ADV990001 | Latest Servicing Stack Updates
- https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
- Version 33.0
- Reason for Revision: To address known issues customers might have experienced when
installing security updates released on February 9, 2021, Microsoft has released
the following servicing stack updates (SSUs): KB5001078 for all affected editions
of Windows 10; KB5001079 for all affected editions of Windows 10 Version 1607 and
Windows Server 2016. Customers must install the new SSU before installing the
applicable February 9, 2021 security update.
- Originally posted: November 13, 2021
- Updated: February 16, 2021
- Aggregate CVE Severity Rating: Critical
**************************************************************************************
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
======================================================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites.
Microsoft does not distribute security updates via email.
