Microsoft August 2017 Patch Tuesday addresses 48 security vulnerabilities in six of it’s main product categories. Amoung these 25 CVE’s are rated as Critical, 21 are rated as Important and 2 are rated as Moderate. However, a vulnerability management tool can help detect these vulnerabilities.
More than two dozen remote code execution vulnerabilities are addressed in August 2017 security update. Also, among these security vulnerabilities, two became public before the patch was released. CVE-2017-8627(Windows Subsystem for Linux Denial of Service Vulnerability), which is related to how Windows Subsystem for Linux improperly handles objects in memory. Moreover, it allows an attacker to cause a denial of service against the local system on successful exploitation. Having a patch management solution can help patch these vulnerabilities. Also, CVE-2017-8633(Windows Error Reporting Elevation of Privilege Vulnerability), which is related to Windows Error Reporting (WER). Moreover, it allows an attacker to gain greater access to sensitive information and system functionality on successful exploitation. However, Microsoft didn’t detect these vulnerabilities any of them being used in live attacks.
More on Patch Tuesday August 2017
SMBLoris DoS vulnerability, which is revealed in July DEFCON conference. This vulnerability affect all the versions of SMB, is a remote and uncredentialed Denial of Service vulnerability. It affect all modern versions of Windows, at least from Windows 2000 through Windows 10. The Systems remains vulnerable, even if all versions of SMB v1, v2, and v3 are disabled. It is caused by a 20+ year old vulnerability in the SMB network protocol implementation. Microsoft said it would not provide a patch this time, as the vulnerability needs to be attacked over the internet and the SMB port should already be firewalled. hence patch will be provided in up coming day.
The most critical remote code execution vulnerability is due to the way Windows Search handles objects in memory. Also, “An attacker who successfully exploited this vulnerability could take control of the affected system”. Exploitation of this vulnerability requires an attacker to send specially crafted messages to the Windows Search service.
An another important remote code execution vulnerability is related to Windows Hyper-V. It exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. However, to exploit the vulnerability, an attacker need to run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
Moreover, this is the first time, some CVE’S patched on the Linux Subsystem under Windows. These are CVE-2017-8622(Windows Subsystem for Linux Elevation of Privilege Vulnerability) and CVE-2017-8627(Windows Subsystem for Linux Denial of Service Vulnerability).
The August security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Adobe Flash Player
Microsoft SQL Server
Microsoft SharePoint
Microsoft security bulletin summary for August 2017:
KB4034674: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8503, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8622, CVE-2017-8623, CVE-2017-8624, CVE-2017-8627, CVE-2017-8633, CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8637, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8642, CVE-2017-8644, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8650, CVE-2017-8652, CVE-2017-8653, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8659, CVE-2017-8661, CVE-2017-8662, CVE-2017-8664, CVE-2017-8672, CVE-2017-8673, CVE-2017-8674, CVE-2017-8666, CVE-2017-8669, CVE-2017-8670 and then CVE-2017-8671
Impact: Multiple
KB4034733: Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8635, CVE-2017-8636, CVE-2017-8641, CVE-2017-8651, CVE-2017-8653, CVE-2017-8669 and then CVE-2017-0228
Impact: Remote Code Execution
KB4034681: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8635, CVE-2017-8636, CVE-2017-8641, CVE-2017-8653, CVE-2017-8664, CVE-2017-8666, CVE-2017-8668 and then CVE-2017-8669
Impact: Multiple
KB4034665: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8635, CVE-2017-8636, CVE-2017-8641, CVE-2017-8651, CVE-2017-8653, CVE-2017-8664, CVE-2017-8666 and then CVE-2017-8668
Impact: Elevation of Privilege, Remote Code Execution, Denial of Service and then Information Disclousre
KB4034662: Adobe Flash Player Multiple Remote Code Execution Vulnerabilites
Severity Rating: Critical
CVE’s: CVE-2017-3085 and then CVE-2017-3106
Impact: Remote Code Execution
KB4022750: Microsoft Windows Denial of Service Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-0174
Impact: Denial of Service
KB4034034: Microsoft Windows Remote Code Execution Vulnerabilites
Severity Rating: Critical
CVE’s: CVE-2017-8620
Impact: Remote Code Execution
KB4034744: Microsoft Windows Information Disclosure Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8668
Impact: Information Disclosure
KB4035056: Microsoft Windows Remote Code Execution Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8691
Impact: Remote Code Execution
KB4035679: Microsoft Windows Elevation of Privilege Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8633
Impact: Elevation of Privilege
KB4034745: Microsoft Windows Elevation of Privilege Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8624
Impact: Elevation of Privilege
KB4035055: Microsoft Windows Elevation of Privilege And Information Disclosure Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-8593, CVE-2017-8666
Impact: Elevation of Privilege And then Information Disclosure
KB4034672: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important/Critical
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8591, CVE-2017-8593,
CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8664, CVE-2017-8666 and then
CVE-2017-8668
Impact: Elevation of Privilege, Denial of Service and then Information Disclosure
KB4034660: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important/Critical
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8503, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8625, CVE-2017-8633, CVE-2017-8635, CVE-2017-8636, CVE-2017-8640, CVE-2017-8641, CVE-2017-8644, CVE-2017-8645, CVE-2017-8646, CVE-2017-8652, CVE-2017-8653, CVE-2017-8655, CVE-2017-8657, CVE-2017-8664, CVE-2017-8666, CVE-2017-8669, CVE-2017-8671 and then CVE-2017-8672
Impact: Elevation of Privilege, Security Feature Bypass, Remote Code Execution, Denial of Service and then Information Disclousre
KB4034775: Microsoft Windows Remote Code Execution Vulnerabilites
Severity Rating: Critical
CVE’s: CVE-2017-0250
Impact: Remote Code Execution
KB4034664: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Critical/Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8636, CVE-2017-8641, CVE-2017-8653, CVE-2017-8666, CVE-2017-8668 and then CVE-2017-8691
Impact: Elevation of Privilege, Remote Code Execution and then Denial of Service
KB4034679: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Critical/Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8666, CVE-2017-8668 and then CVE-2017-8691
Impact: Elevation of Privilege, Remote Code Execution and then Denial of Service
KB4034666: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8633, CVE-2017-8635, CVE-2017-8636, CVE-2017-8641, CVE-2017-8651, CVE-2017-8653, CVE-2017-8664, CVE-2017-8666 and then CVE-2017-8668
Impact: Elevation of Privilege, Remote Code Execution, Denial of Service, and then Information Disclousre
KB4034668: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Critical/Important
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8624, CVE-2017-8625, CVE-2017-8633, CVE-2017-8635, CVE-2017-8644, CVE-2017-8652, CVE-2017-8653, CVE-2017-8655, CVE-2017-8664, CVE-2017-8666, CVE-2017-8669, CVE-2017-8672, CVE-2017-8636, CVE-2017-8640 and then CVE-2017-8641
Impact: Denial of Service, Remote Code Execution and then Elevation of Privilege
KB4019090: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019091: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4032542: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019092: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019093: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4036996: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019086: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019088: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4034658: Microsoft Windows Multiple Vulnerabilities
Severity Rating: Important/Critical
CVE’s: CVE-2017-0174, CVE-2017-0250, CVE-2017-0293, CVE-2017-8503, CVE-2017-8591, CVE-2017-8593, CVE-2017-8620, CVE-2017-8623, CVE-2017-8624, CVE-2017-8625, CVE-2017-8633, CVE-2017-8635, CVE-2017-8636, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8644, CVE-2017-8645, CVE-2017-8646, CVE-2017-8652, CVE-2017-8653, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8661, CVE-2017-8664, CVE-2017-8666, CVE-2017-8672, CVE-2017-8669, CVE-2017-8670 and then CVE-2017-8671
Impact: Elevation of Privilege, Remote Code Execution, Denial of Service and then Information Disclosure
KB2956077: Microsoft Office SharePoint XSS Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8654
Impact: Spoofing
KB4019095: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4019089: Microsoft SQL Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8516
Impact: Information Disclosure
KB4022714: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important/Critical
CVE’s: CVE-2017-0193, CVE-2017-8473, CVE-2017-8474, CVE-2017-8527, CVE-2017-0216, CVE-2017-0218, CVE-2017-0219, CVE-2017-0282, CVE-2017-8475, CVE-2017-8476, CVE-2017-8477, CVE-2017-8529, CVE-2017-8530, CVE-2017-8531, CVE-2017-0283, CVE-2017-0284, CVE-2017-8478, CVE-2017-8479, CVE-2017-8532, CVE-2017-8533, CVE-2017-0285, CVE-2017-0287, CVE-2017-8480, CVE-2017-8481, CVE-2017-8543, CVE-2017-0288, CVE-2017-0289, CVE-2017-8482, CVE-2017-8483, CVE-2017-8544, CVE-2017-8547, CVE-2017-8548, CVE-2017-8549, CVE-2017-0291, CVE-2017-0292, CVE-2017-8484, CVE-2017-8485, CVE-2017-0294, CVE-2017-0296, CVE-2017-8489, CVE-2017-8490, CVE-2017-0297, CVE-2017-0298, CVE-2017-0299, CVE-2017-8491, CVE-2017-8492, CVE-2017-0300, CVE-2017-8460, CVE-2017-8493, CVE-2017-8494, CVE-2017-8462, CVE-2017-8464, CVE-2017-8470, CVE-2017-8471, CVE-2017-8522, CVE-2017-8523, CVE-2017-8524, CVE-2017-8465, CVE-2017-8466, CVE-2017-8468, CVE-2017-8515, CVE-2017-8517, CVE-2017-8554, CVE-2017-8575 and then CVE-2017-8518
Impact: Elevation of Privilege, Security Feature Bypass, Remote Code Execution, Denial of Service and then Information Disclousre
KB4022715: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important,Moderate,Critical
CVE’s: CVE-2017-8470, CVE-2017-8471, CVE-2017-8522, CVE-2017-8523, CVE-2017-8524, CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, CVE-2017-0219, CVE-2017-0282, CVE-2017-8475, CVE-2017-8476, CVE-2017-8529, CVE-2017-8530, CVE-2017-8531, CVE-2017-0283, CVE-2017-8477, CVE-2017-8478, CVE-2017-8532, CVE-2017-8533, CVE-2017-0284, CVE-2017-0285, CVE-2017-8479, CVE-2017-8480, CVE-2017-8481, CVE-2017-8543, CVE-2017-0287, CVE-2017-0288, CVE-2017-8482, CVE-2017-8483, CVE-2017-8544, CVE-2017-8547, CVE-2017-8548, CVE-2017-8549, CVE-2017-0289, CVE-2017-0291, CVE-2017-0292, CVE-2017-8484, CVE-2017-8485, CVE-2017-8553, CVE-2017-0294, CVE-2017-0295, CVE-2017-0296, CVE-2017-8489, CVE-2017-0297, CVE-2017-0298, CVE-2017-8490, CVE-2017-8491, CVE-2017-8492, CVE-2017-0299, CVE-2017-0300, CVE-2017-8460, CVE-2017-8493, CVE-2017-8494, CVE-2017-8496, CVE-2017-8497, CVE-2017-8498, CVE-2017-8504, CVE-2017-8462, CVE-2017-8464, CVE-2017-8465, CVE-2017-8466, CVE-2017-8468, CVE-2017-8515, CVE-2017-8517 and then CVE-2017-0173,
KB4022727: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important/Critical
CVE’s: CVE-2017-0193, CVE-2017-8473, CVE-2017-8474, CVE-2017-8527, CVE-2017-0218, CVE-2017-0219, CVE-2017-0282, CVE-2017-8475, CVE-2017-8476, CVE-2017-8529, CVE-2017-8530, CVE-2017-8531, CVE-2017-0283, CVE-2017-0284, CVE-2017-8477, CVE-2017-8478, CVE-2017-8532, CVE-2017-0285, CVE-2017-8479, CVE-2017-8480, CVE-2017-8533, CVE-2017-8543, CVE-2017-0287, CVE-2017-0288, CVE-2017-8481, CVE-2017-8482, CVE-2017-8483, CVE-2017-8544, CVE-2017-8547, CVE-2017-8548, CVE-2017-8549, CVE-2017-0289, CVE-2017-0291, CVE-2017-0292, CVE-2017-8484, CVE-2017-8485, CVE-2017-0294, CVE-2017-0296, CVE-2017-8489, CVE-2017-0297, CVE-2017-0298, CVE-2017-8490, CVE-2017-8491, CVE-2017-0299, CVE-2017-0300, CVE-2017-8460, CVE-2017-8492, CVE-2017-8493, CVE-2017-8494, CVE-2017-8462, CVE-2017-8464, CVE-2017-8470, CVE-2017-8471, CVE-2017-8522, CVE-2017-8523, CVE-2017-8524, CVE-2017-8465, CVE-2017-8466, CVE-2017-8468, CVE-2017-8517, CVE-2017-8554, CVE-2017-8575 and then CVE-2017-8518
Impact: Elevation of Privilege, Security Feature Bypass, Remote Code Execution, Denial of Service and then Information Disclousre
KB4022725: Microsoft Windows Multiple Vulnerabilites
Severity Rating: Important,Critical
CVE’s: CVE-2017-8474, CVE-2017-8524, CVE-2017-8527, CVE-2017-8475, CVE-2017-8476, CVE-2017-8529, CVE-2017-8530, CVE-2017-0282, CVE-2017-0283, CVE-2017-8477, CVE-2017-8478, CVE-2017-8531, CVE-2017-8532, CVE-2017-0285, CVE-2017-8479, CVE-2017-8480, CVE-2017-8533, CVE-2017-8543, CVE-2017-0287, CVE-2017-0288, CVE-2017-8481, CVE-2017-8482, CVE-2017-8544, CVE-2017-8547, CVE-2017-8548, CVE-2017-8549, CVE-2017-0289, CVE-2017-0291, CVE-2017-8483, CVE-2017-8484, CVE-2017-8555, CVE-2017-0292, CVE-2017-0294, CVE-2017-0295, CVE-2017-8485, CVE-2017-8489, CVE-2017-0296, CVE-2017-0297, CVE-2017-0298, CVE-2017-8490, CVE-2017-8491, CVE-2017-0299, CVE-2017-0300, CVE-2017-8492, CVE-2017-8493, CVE-2017-8498, CVE-2017-8499, CVE-2017-8504, CVE-2017-8460, CVE-2017-8462, CVE-2017-8470, CVE-2017-8471, CVE-2017-8520, CVE-2017-8521, CVE-2017-8522, CVE-2017-8523, CVE-2017-8464, CVE-2017-8465, CVE-2017-8515, CVE-2017-8517, CVE-2017-8554, CVE-2017-8575 and then CVE-2017-8518
Impact: Elevation of Privilege, Security Feature Bypass, Remote Code Execution, Denial of Service and then Information Disclousre
KB3213643: Microsoft Outlook Multiple Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8571, CVE-2017-8572, CVE-2017-8663
Impact: Information Disclosure, Security Feature Bypass and then Remote Code Execution
KB4011052: Microsoft Outlook Multiple Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8571, CVE-2017-8572, CVE-2017-8663
Impact: Information Disclosure, Security Feature Bypass and then Remote Code Execution
KB2956078: Microsoft Outlook Multiple Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8571, CVE-2017-8572, CVE-2017-8663
Impact: Information Disclosure, Security Feature Bypass and then Remote Code Execution
KB4011078: Microsoft Outlook Multiple Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8571, CVE-2017-8572, CVE-2017-8663
Impact: Information Disclosure, Security Feature Bypass and then Remote Code Execution
Also, SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Furthermore, Download Saner now and keep your systems updated and secure.