On June 13, 2017 ("Update Tuesday"), Microsoft released a set of security updates for many versions of Windows.
Note: at the time of this writing (June 14, 2017) we are not aware of reports of any exploits using these vulnerabilities.
While details of the fixes are limited at the moment, Microsoft has signaled that they consider the problems addressed to be significant, and are related to the kinds of vulnerabilities that were exploited by the recent WannaCrypt malware. We are calling this to your attention so that you may be proactive in managing the security of your digital signage infrastructure, and recommend as always that you monitor various IT security news sources.
Normally, Microsoft security updates work as intended without significant side-effects, but occasionally Microsoft does have to revise updates to address issues caused by their initial release. If you are pressed to deploy these updates, the best practice is to test for compatibility and suitability using representative systems in your own lab. Many customers prefer to wait until the updates have established a successful track record within the wider community before deploying.
We recommend that our customers monitor the situation, and consult the following Microsoft security resources:
- Microsoft Security Response Center bulletin about the June 2017 security update release
- Microsoft Security Advisory 4025685
- Microsoft security advisory 4025685: Guidance for supported platforms
- Microsoft security advisory 4025685: Guidance for embedded platforms