Microsoft July 2017 Patch Tuesday addresses 51 security vulnerabilities in addition to 3 vulnerabilities for Adobe Flash Player. 19 vulnerabilities are rated as Critical, 32 are rated as Important and 3 are rated as Moderate.

12 Critical vulnerabilities affect Microsoft Scripting Engine which can result in Remote Code Execution. The other critical vulnerabilities affect Internet Explorer, Edge, and Windows. Many of the Important vulnerabilities affect Microsoft Office including multiple Remote Code Execution vulnerabilities.

There are two zero-day vulnerabilities LDAP Relay (CVE-2017-8563) and  RDP Relay within the Windows  NT LAN Manager (NTLM) Authentication Protocol, both of which handle the protocol improperly and could allow attackers to create a new domain administrator account and get control of the entire domain. For CVE-2017-8563, a fix was released as part of July’s Patch Tuesday, and for the second issue, Microsoft said it is a “known issue” which requires network configuration to prevent malicious NTLM relays.

Microsoft issued the patch for another critical Remote Code Execution Vulnerability (CVE-2017-8584) in HoloLens device. The vulnerability exists when improperly handled objects in memory due to specially crafted WiFi packets. This results to compromising of Hololens device by receiving WiFi packets, without authentication.

The top priority for the patch is Remote Code Execution Vulnerability in Windows Search service (CVE-2017-8589). This can be exploited remotely via SMB to take complete control of a system and can impact both servers and workstations.

The patching of Windows Elevation of Privilege Vulnerability in NT LAN Manager(CVE-2017-8563)  Authentication Protocol also should be considered as a priority. It could allow the targeted attackers to elevate privileges and obtain administrative access to the domain controller.

Aside from CVE-2017-8589, patching for workstations and multi-user systems should focus on CVE-2017-8463, which is a vulnerability in Windows Explorer, as well as multiple browser vulnerabilities in Internet Explorer and Edge. Exploitation of these vulnerabilities require user interaction, but can easily become targets for Exploit Kits.

Adobe has also published security bulletin APSB17-21, which provides patches covering three vulnerabilities and is labeled as critical.

The July security release consists of security updates for the following software:

  • Adobe Flash Player
  • Microsoft Windows
  • Microsoft Scripting Engine
  • Microsoft Edge Browser
  • Internet Explorer
  • Microsoft Office
  • WordPad
  • HTTP.sys
  • .NET

Microsoft security bulletin summary for July 2017:

KB2880514: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-0243
Impact: Remote Code Execution

KB3191833: Microsoft Excel Viewer Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB3191894: Microsoft Office Excel Remot Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB3191897: Microsoft Office Compatibility Pack Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB3191902: Microsoft SharePoint Server Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB3191907: Microsoft Office Excel Remote Code Execution Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8501, CVE-2017-8502
Impact: Remote Code Execution

KB3203459: Microsoft Business Productivity Servers Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-0243
Impact: Remote Code Execution

KB3203468: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-0243
Impact: Remote Code Execution

KB3203469: Microsoft Office Web Apps Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-0243
Impact: Remote Code Execution

KB3203477: Microsoft Excel Remote Code Execution Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8501, CVE-2017-8502
Impact: Remote Code Execution

KB3212224: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s:  CVE-2017-8501
Impact: Remote Code Execution

KB3213537: Microsoft Excel/Word Remote Code Execution Vulnerabilities
Severity Rating: Important
CVE’s:  CVE-2017-8501, CVE-2017-8502, CVE-2017-8510
Impact: Remote Code Execution

KB3213544: Microsoft SharePoint Enterprise Server Privilege Elevation Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8569
Impact: Remote Code Execution

KB3213545: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8570
Impact: Remote Code Execution

KB3213555: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8570
Impact: Remote Code Execution

KB3213559: Microsoft SharePoint Enterprise Server Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB3213624: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8570
Impact: Remote Code Execution

KB3213640: Microsoft Office Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8570
Impact: Remote Code Execution

KB3213657: Microsoft Office Online Server Remote Code Execution Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8501
Impact: Remote Code Execution

KB4018588: Microsoft Exchange Server Multiple Vulnerabilities
Severity Rating: Important
CVE’s: CVE-2017-8559, CVE-2017-8560, CVE-2017-8621
Impact: Remote Code Execution

KB4022746: Microsoft Windows Server Security Feature Bypass Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8495
Impact: Security Feature Bypass

KB4022748: Microsoft Windows Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8564
Impact: Information Disclosure

KB4022914: Microsoft Windows Server Information Disclosure Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8582
Impact: Information Disclosure

KB4025240: Microsoft Windows Server Security Feature Bypass Vulnerability
Severity Rating: Important
CVE’s: CVE-2017-8592
Impact: Security Feature Bypass

KB4025252: Microsoft Internet Explorer Multiple Vulnerabilities
Severity Rating: Critical
CVE’s: CVE-2017-8592, CVE-2017-8594, CVE-2017-8602, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618
Impact: Remote Code Execution

KB4025331: Microsoft Windows Multiple Vulnerabilities
Severity Rating: Critical
CVE’s: CVE-2017-0170, CVE-2017-8463, CVE-2017-8467, CVE-2017-8486, CVE-2017-8495, CVE-2017-8556, CVE-2017-8557, CVE-2017-8561, CVE-2017-8562, CVE-2017-8563, CVE-2017-8564, CVE-2017-8565, CVE-2017-8573, CVE-2017-8577, CVE-2017-8578, CVE-2017-8580, CVE-2017-8581, CVE-2017-8582, CVE-2017-8587, CVE-2017-8588, CVE-2017-8589, CVE-2017-8590, CVE-2017-8592, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618
Impact: Remote Code Execution

KB4025333: Microsoft Windows Multiple Vulnerabilities
Severity Rating: Critical
CVE’s: CVE-2017-0170, CVE-2017-8463, CVE-2017-8467, CVE-2017-8486, CVE-2017-8495, CVE-2017-8556, CVE-2017-8557, CVE-2017-8561, CVE-2017-8562, CVE-2017-8563, CVE-2017-8564, CVE-2017-8565, CVE-2017-8573, CVE-2017-8577, CVE-2017-8578, CVE-2017-8580, CVE-2017-8581, CVE-2017-8582, CVE-2017-8587, CVE-2017-8588, CVE-2017-8589, CVE-2017-8590, CVE-2017-8592
Impact: Remote Code Execution

KB4025336: Microsoft Windows Multiple Vulnerabilities
Severity Rating: Critical
CVE’s: CVE-2017-0170, CVE-2017-8463, CVE-2017-8467, CVE-2017-8486, CVE-2017-8495, CVE-2017-8556, CVE-2017-8557, CVE-2017-8561, CVE-2017-8562, CVE-2017-8563, CVE-2017-8564, CVE-2017-8565, CVE-2017-8573, CVE-2017-8577, CVE-2017-8578, CVE-2017-8580, CVE-2017-8581, CVE-2017-8582, CVE-2017-8587, CVE-2017-8588, CVE-2017-8589, CVE-2017-8590, CVE-2017-8592, CVE-2017-8594, CVE-2017-8602, CVE-2017-8606, CVE-2017-8607,

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn