Patch Tuesday: Microsoft Security Bulletin Summary for November 2017

Microsoft November 2017 Patch Tuesday addresses 53 security vulnerabilities in six of it’s main product categories. Amoung these 19 CVE’s are rated as Critical, 31 are rated as Important, and 3 are moderate.

None of the Windows OS patches are rated as critical, and there are no zero days patched in this month.
But according to Zero-Day Initiative, below CVE’s can be used to spread malware.
"CVE-2017-11830 patches a Device Guard security feature bypass vulnerability that would allow malware authors to execute malicious files by making untrusted files seem trusted."
"CVE-2017-11877 fixes an Excel security feature bypass vulnerability that fails to enforce macro settings, which are often used by malware developers."

This month patches also include four publicly known exploits,
CVE-2017-8700 (an information disclosure flaw in ASP.NET Core)
CVE-2017-11827 (Microsoft browsers remote code execution)
CVE-2017-11848 (Internet Explorer information disclosure)
CVE-2017-11883 (denial of service affecting ASP.NET Core)


17 year old bug invites attackers to install malware remotely:

MS Office components fail to properly handle objects in memory and corrupting memory in such a way that the attacker could execute malicious code in the context of the logged-in user.

Product: All versions of Microsoft Office released in the past 17 years.
CVECVE-2017-11882
Impact: Remote code execution.
Platform: All versions of Windows operating system.


The November security release consists of security updates for the following software:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ASP.NET Core and .NET Core
  • Chakra Core

Microsoft security bulletin summary for November 2017:


Product: Internet Explorer
CVE’s : CVE-2017-11791, CVE-2017-11827, CVE-2017-11834, CVE-2017-11837, CVE-2017-11838, CVE-2017-11843, CVE-2017-11846, CVE-2017-11848, CVE-2017-11855, CVE-2017-11856, CVE-2017-11858, CVE-2017-11869
Impact: Remote Code Execution, Information Disclosure.
Severity Rating: Critical and Important.
KB’s: KB4042895, KB4047206, KB4048952, KB4048953, KB4048954, KB4048955, KB4048956, KB4048957, KB4048958, KB4048959


Product: Microsoft Edge
CVE’s : CVE-2017-11791, CVE-2017-11803, CVE-2017-11827, CVE-2017-11833, CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11844, CVE-2017-11845, CVE-2017-11846, CVE-2017-11858, CVE-2017-11861, CVE-2017-11862, CVE-2017-11863, CVE-2017-11866, CVE-2017-11870, CVE-2017-11871, CVE-2017-11872, CVE-2017-11873, CVE-2017-11874
Impact: Remote Code Execution, Information Disclosure, Security Feature Bypass.
Severity Rating: Critical and Important
KB’s: KB4048952, KB4048953, KB4048954, KB4048955, KB4048956


Product: Microsoft Windows
CVE’s : CVE-2017-11768, CVE-2017-11788, CVE-2017-11830, CVE-2017-11831, CVE-2017-11832, CVE-2017-11835, CVE-2017-11842, CVE-2017-11847, CVE-2017-11849, CVE-2017-11850, CVE-2017-11851, CVE-2017-11852, CVE-2017-11853, CVE-2017-11880, CVE-2017-13080
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Security Feature Bypass
Severity Rating: Important
KB’s: KB4041676, KB4041678, KB4041679, KB4041681, KB4041687, KB4041689, KB4041690, KB4041691, KB4041693, KB4042723, KB4042895, KB4046184, KB4047211, KB4048952, KB4048953, KB4048954, KB4048955, KB4048956, KB4048957, KB4048958, KB4048959, KB4048960, KB4048961, KB4048962, KB4048968, KB4048970, KB4049164


Product: Microsoft Office and Microsoft Office Services and Web Apps
CVE’s : CVE-2017-11854, CVE-2017-11876, CVE-2017-11877, CVE-2017-11878, CVE-2017-11882, CVE-2017-11884
Impact: Elevation of Privilege, Remote Code Execution, Security Feature Bypass
Severity Rating: Important
KB’s: KB2553204, KB3162047, KB4011197, KB4011199, KB4011205, KB4011206, KB4011220, KB4011233, KB4011242, KB4011244, KB4011245, KB4011247, KB4011250, KB4011257, KB4011262, KB4011264, KB4011265, KB4011266, KB4011267, KB4011268, KB4011270, KB4011271, KB4011276


Product: ASP.NET Core and .NET Core
CVE’s : CVE-2017-11770, CVE-2017-11879, CVE-2017-11883, CVE-2017-8700
Impact: Denial of Service, Elevation of Privilege, Information Disclosure
Severity Rating: Important


Product: Chakra Core
CVE’s : CVE-2017-11791, CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11870, CVE-2017-11871, CVE-2017-11873, CVE-2017-11874
Impact: Remote Code Execution, Information Disclosure, Security Feature Bypass
Severity Rating: Critical and Important


SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.


Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments