Microsoft Patch Tuesday – July 2017

Microsoft Patch Tuesday

Microsoft Patch Tuesday has released 54 CVE’s for July 2017 which includes 19 CVE’s rated “Critical”, 32 CVE’s rated “Important” and 3 CVE’s rated “Moderate” with an important fix for Windows NTLM. These updates impact products include Edge,.NET Framework, IE , Office, Exchange. Adobe’s got a new version of Adobe Flash Player that address three vulnerabilities.

Across all of these vulnerabilities, security updates for software and services include:

Adobe Flash Player
Microsoft Windows
Microsoft Scripting Engine
Microsoft Edge Browser
Internet Explorer
Microsoft Office
WordPad
Kerberos
HTTP.sys
.NET Framework
HoloLens

Microsoft Office CVE’s listed in July Patch and rated as “Important” including multiple remote code execution vulnerabilities. Windows Powershell and WordPad also expose to Remote Execution vulnerabilities. It is highly recommended to apply all the patches ASAP to avoid any vulnerability attack.

According to Qualys Guard latest blog post:

” Top priority for patching should go to CVE-2017-8589, which is a vulnerability in the Windows Search service. This vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. The issue affects Windows Server 2016, 2012, 2008 R2, 2008 as well as desktop systems like Windows 10, 7 and 8.1. While this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya.

Aside from CVE-2017-8589, patching for workstations and multi-user systems should focus on CVE-2017-8463, which is a vulnerability in Windows Explorer, as well as multiple browser vulnerabilities in Internet Explorer and Edge. Exploitation of these vulnerabilities require user interaction, but can easily become targets for Exploit Kits. “

Critical CVEs

July Flash Security Update
ADV170009
Remote Code Execution

Windows Explorer Remote Code Execution Vulnerability
CVE-2017-8463
Remote Code Execution

HoloLens Remote Code Execution Vulnerability
CVE-2017-8584
Remote Code Execution

Windows Search Remote Code Execution Vulnerability
CVE-2017-8589
Remote Code Execution

Internet Explorer Memory Corruption Vulnerability
CVE-2017-8594
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2017-8595
Remote Code Execution

Microsoft Edge Memory Corruption Vulnerability
CVE-2017-8596
Remote Code Execution

Microsoft Edge Remote Code Execution Vulnerability
CVE-2017-8617
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2017-8598, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8609, CVE-2017-8610, CVE-2017-8618, CVE-2017-8619
Remote Code Execution

Important CVEs

Microsoft Office Remote Code Execution Vulnerability
CVE-2017-0243
Remote Code Execution

Win32k Elevation of Privilege Vulnerability
CVE-2017-8467
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2017-8486
Information Disclosure

Kerberos SNAME Security Feature Bypass Vulnerability
CVE-2017-8495
Security Feature Bypass

Microsoft Office Memory Corruption Vulnerability
CVE-2017-8501, CVE-2017-8502
Remote Code Execution

Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2017-8556
Elevation of Privilege

Windows System Information Console Information Disclosure Vulnerability
CVE-2017-8557
Information Disclosure

Microsoft Exchange Cross-Site Scripting Vulnerability
CVE-2017-8559, CVE-2017-8560
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2017-8561
Elevation of Privilege

Windows ALPC Elevation of Privilege Vulnerability
CVE-2017-8562
Elevation of Privilege

Windows Elevation of Privilege Vulnerability
CVE-2017-8563
Elevation of Privilege

Windows Kernel Information Disclosure Vulnerability
CVE-2017-8564
Information Disclosure

Windows PowerShell Remote Code Execution Vulnerability
CVE-2017-8565
Remote Code Execution

Windows IME Elevation of Privilege Vulnerability
CVE-2017-8566
Elevation of Privilege

SharePoint Server XSS Vulnerability
CVE-2017-8569
Elevation of Privilege

Office Remote Code Execution Vulnerability
CVE-2017-8570
Remote Code Execution

Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2017-8573, CVE-2017-8574
Elevation of Privilege

Win32k Elevation of Privilege Vulnerability
CVE-2017-8577, CVE-2017-8578, CVE-2017-8580, CVE-2017-8581
Elevation of Privilege

Https.sys Information Disclosure Vulnerability
CVE-2017-8582
Information Disclosure

.NET Denial of Service Vulnerability
CVE-2017-8585
Denial of Service

Windows Explorer Denial of Service Vulnerability
CVE-2017-8587
Denial of Service

WordPad Remote Code Execution Vulnerability
CVE-2017-8588
Remote Code Execution

Windows CLFS Elevation of Privilege Vulnerability
CVE-2017-8590
Elevation of Privilege

Microsoft Browser Security Feature Bypass
CVE-2017-8592
Security Feature Bypass

Microsoft Edge Security Feature Bypass Vulnerability
CVE-2017-8599
Security Feature Bypass

Microsoft Browser Spoofing Vulnerability
CVE-2017-8602
Spoofing

Moderate CVEs

Windows Performance Monitor Information Disclosure Vulnerability
CVE-2017-0170
Information Disclosure

Microsoft Edge Spoofing Vulnerability
CVE-2017-8611
Spoofing

Microsoft Exchange Open Redirect Vulnerability
CVE-2017-8621
Spoofing

For Complete List of software impacted by July 2017 Patch Tuesday, download the excel sheet:  Security Update – JULY-2017

Known Issues:  As we all are aware Microsoft Patch Tuesday – June 2017 has addressed many issues with respect to Internet Explorer and Office Outlook.

Currently, we have not addressed with major issues but we have one open issue with Internet Explorer for Windows 7 x32 OS Version, after installing KB4025252 the issue addressed was IE not able to start 😦

Reference:https://support.microsoft.com/en-us/help/4025252/cumulative-security-update-for-internet-explorer-july-11-2017

For more updates and known issues with MS Patch Tuesday – July 2017 please tune to my blog, feel free to update known issues in the comment section.

Thanks for reading 🙂

Advertisements

2 thoughts on “Microsoft Patch Tuesday – July 2017

  1. Pingback: Non-Security Office Update – August 2017 – Mayukh Rastogi's Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s