this fixlet has source severity ‘unspecified’, can this been corrected pls ?
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509
Hi Nick,
The CVE page that you posted does not include KB3203387. For others, e.g. KB3203430, we did mark the Fixlet “important”.
MS17-JUN: Cumulative update for SharePoint Server 2013 - SharePoint Server 2013 SP1 - KB3203430 (x64) 320343001 Important CVE-2017-8509
If you go to the guidance https://portal.msrc.microsoft.com/en-us/security-guidance and search for KB3203387 with Severity checked, you would see:
06/13/2017 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 3203387 Security Update None
The Severity is indeed marked “None”.
1 Like
Thanks Jason for the answer!
Just add-on, this KB3203387 are part of defence-in-depth: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170008