12 September 2017

Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs

Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs

Today Microsoft released patches for 83 vulnerabilities in various products, fixing 1 zero-day vulnerability in .NET Framework. Two out of 83 vulnerabilities were discovered in Adobe Flash Player.

A detailed description of fixed is available in the table below:

Software Severity CVE/CVSS Known exploits
SB2017091234: Security restrictions bypass in Device Guard in Windows
Windows
Windows Server
Low CVE-2017-8746
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Not available
SB2017091233: Remote Code Execution in Remote Desktop Virtual Host
Windows
Windows Server
Medium CVE-2017-8714
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091232: Two vulnerabilities in Microsoft Windows
Windows
Windows Server
Low CVE-2017-8702
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8716
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Not available
SB2017091231: Remote code execution in Windows Shell
Windows
Windows Server
High CVE-2017-8699
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091230: Microsoft Bluetooth Driver Spoofing Vulnerability
Windows
Windows Server
Low CVE-2017-8628
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Not available
SB2017091229: Remote code execution in Broadcom BCM43xx in Microsoft Windows
Windows High CVE-2017-9417
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091228: Microsoft Windows update for Adobe Flash Player
Adobe Flash Player High CVE-2017-11281
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-11282
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091227: Arbitrary code execution in Windows Server DHCP
Windows Server Low CVE-2017-8686
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091226: NetBIOS Remote Code Execution Vulnerability
Windows
Windows Server
Low CVE-2017-0161
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091225: XXE in Windows System Information Console
Windows Server
Windows
Medium CVE-2017-8710
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091224: Remote code execution in Microsoft Windows PDF
Windows
Windows Server
High CVE-2017-8737
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8728
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091223: Remote code execution in Windows Uniscribe
Windows
Windows Server
Microsoft Office
Microsoft Word
Microsoft Office Web Apps
Skype for Business
Microsoft Lync
Microsoft Live Meeting
Lync Attendee
High CVE-2017-8692
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8696
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091222: Multiple information disclosure vulnerabilities in Windows kernel
Windows
Windows Server
Low CVE-2017-8679
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8708
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8709
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8719
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091221: Two vulnerabilities in Microsoft PowerPoint
Microsoft SharePoint Server
Microsoft PowerPoint
Office Online Server
Microsoft Office Compatibility Pack
Microsoft Office Web Apps
Microsoft Office Web Apps Server
High CVE-2017-8743
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8742
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091220: Information disclosure in Microsoft Windows GDI
Windows
Windows Server
Microsoft Office for Mac
Microsoft Office
Microsoft Word
Skype for Business
Microsoft Lync
Microsoft Live Meeting
Lync Attendee
Low CVE-2017-8676
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8688
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8684
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8685
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091219: Information disclosure in Windows Uniscribe
Windows
Windows Server
Microsoft Office
Microsoft Word
Skype for Business
Microsoft Lync
Microsoft Live Meeting
Lync Attendee
Medium CVE-2017-8695
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091218: Multiple vulnerabilities in Microsoft Windows Hyper-V
Windows
Windows Server
Low CVE-2017-8704
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
CVE-2017-8706
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8707
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8711
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8712
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8713
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091217: Remote code execution in Microsoft Office Publisher
Microsoft Publisher High CVE-2017-8725
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091216: Remote code execution in Win32k Graphics in Microsoft Windows
Windows
Windows Server
Microsoft Office
Microsoft Word
High CVE-2017-8682
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091215: Multiple vulnerabilities in Win32.sys driver in Microsoft Windows
Windows
Windows Server
Low CVE-2017-8675
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8677
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8678
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8680
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8681
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8683
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8687
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8720
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091214: Two vulnerabilities in Microsoft Exchange Server
Microsoft Exchange Server Low CVE-2017-8758
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2017-11761
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2017091213: Multiple vulnerabilities in Microsoft Internet Explorer
Microsoft Internet Explorer High CVE-2017-8733
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2017-8747
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8749
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8750
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8648
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8736
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8741
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091212: Multiple vulnerabilities in Microsoft Edge
Microsoft Edge High CVE-2017-8597
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8643
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-11766
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8757
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8754
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
CVE-2017-8751
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8735
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2017-8734
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8731
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8724
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2017-8723
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
CVE-2017-8748
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-11764
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8756
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8755
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8753
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8752
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8741
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8740
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8738
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8729
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8660
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8649
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8739
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8736
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8648
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2017-8750
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8737
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8728
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091211: Multiple vulnerabilities in Microsoft Office
Microsoft Office
Microsoft Excel
Microsoft Excel for Mac
Microsoft Office Compatibility Pack
Microsoft Office Web Apps
Excel Services on Microsoft SharePoint Server
Office Online Server
Microsoft Excel Web App
High CVE-2017-8630
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8631
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8632
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8744
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2017-8567
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2017091210: Remote code execution in Microsoft .NET Framework
Microsoft .NET Framework Сritical CVE-2017-8759
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
This vulnerability is being exploited in the wild.
SB2017091209: Two XSS in Microsoft SharePoint
Microsoft SharePoint Server
Microsoft SharePoint Foundation
Low CVE-2017-8629
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2017-8745
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Not available

Critical zero-day in .NET Framework

The vulnerability was detected by FireEye  researchers. The attacker used Microsoft Office RTF document to leverage RCE in .NET Framework and deploy FINSPY malware. The malicious document “Проект.doc” (MD5: fe5c4d6bb78e170abf5cf3741868ea4c) had Russian name and might have been used to target a Russian speaker. More information about the zero-day vulnerability is available in FireEye research.

Additionally Microsoft has issued Defense in Depth update for Microsoft Office: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV17001

Back to the list

Latest Posts

Week in review: major security incidents in September 11-17

Week in review: major security incidents in September 11-17

The article contains a brief report of cybersecurity incidents for the past week.
18 September 2017
Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs

Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs

Microsoft patched 83 vulnerabilities in total.
12 September 2017
Exploring dark web: Marketplaces for wannabe hackers

Exploring dark web: Marketplaces for wannabe hackers

The top markets for criminals: some research into Deep Web.
12 September 2017
Featured vulnerabilities
Remote code execution in Foxit Reader
High Not Patched | 23 Sep, 2017
Remote code execution in Google Chrome
High Patched | 23 Sep, 2017
Command execution in Digium Asterisk GUI
High Not Patched | 22 Sep, 2017
Authentication bypass in Ctek SkyRouters
Low Patched | 22 Sep, 2017

Future events
Location: Hotel Grandior, konferenční centrum,Na Poříčí 42, Praha 1
End date: 2017-10-06

6. října 2016 na Vás čeká bohatý program, v rámci kterého představí své vize a novinky pro rok 2017 přední odborníci české IT scény. Nenechte si ujít důležité informace z oblasti licencování, technologických trendů, cloudových a poradenských služeb či produktových novinek předních světových výrobců softwaru!

Akce se koná v konferenčním centru hotelu Grandior, Na Poříčí 42, Praha 1.

Předběžný program:

Dopolední blok IT Inspiration

  • IT pro firmy nové generace
  • Digitální transformace a internet věcí z pohledu Microsoftu
  • Novinky a trendy v IBM Cloud Computingu

Odpolední blok Advisory & Security

  • Nový licenční program Enterprise Advantage
  • Force audit výrobce: Rizika, prevence a průběh
  • Hybridní licencování
  • Prezentace společnosti Comguard
  • Platforma Pyracloud by SoftwareONE

Blok Cloud

  • Firma As A Service
  • Virtualizace a cloudová řešení VMware
  • Jak na to: Transformace do cloudu
  • Prezentace společnosti Veeam
  • Ochrana informací a správa identit
  • BYOD

Registrovat se můžete na stránkách konference.

CIO Business World je partnerem akce.



Location: Na Strži 65/1702, Praha 4
Links: http://financnictvi.konference.cz/

Technologické inovace ve finančním sektoru (FINTECH). Kybernetická bezpečnost, risk management, decision engine, datová analýza, reporting, platformy bezpečnostních technologií, mobilní aplikace v globálním světě financí, projektové řízení, případové studie.
Location: Bajkalská 25/A, Bratislava
Links: http://bdd.exponet.sk/

Explózia dát je nepochybne sprievodným javom súčasnosti. Preto aj problematika bezpečnosti a dostupnosti dát zaznamenáva prevratný rozvoj a jej obsah a rozsah sa mení tiež v súvislosti s vývojom nových technológií. Ochrana dát sa netýka len jednotlivých zariadení, ale aj sietí, online úložísk a služieb. Množstvo dát, portfólio zariadení a úložisk sa tiež významne rozširuje s nástupom internetu vecí. Konferencia sa zameriava na aktuálne trendy a možnosti lepšej ochrany a efektívnej práce s dátami.
Location: Na Strži 65/1702, Praha 4
Links: http://did.konference.cz/

Konference přinese aktuální témata, vystoupení předních odborníků z praxe i z akademického prostředí, případové studie. V popředí zájmu budou big data, data analytics, propojování interních a externích dat, business intelligence, geodata, open data,  big data ve finančnictví, vzdělávání i astronomii.