Critical Windows Search and Hyper-V Vulnerabilities Tackled by August’s Patch Tuesday

By | August 12, 2017

Microsoft has released its monthly security bulletin with 48 security patches, 25 of which are rated Critical, 21 Important, and two Moderate in severity. This was a routine batch of updates, addressing issues in Internet Explorer, Microsoft Edge, Windows, Microsoft SharePoint, Adobe Flash Player and Microsoft SQL Server.

A majority of the critical CVEs are Scripting Engine Memory Corruption Vulnerabilities, which isn’t surprising. Since April of this year, we’ve been seeing a gradual increase in vulnerabilities for the Scripting Engine. Typically, in a web-based attack scenario, an attacker would leverage Scripting Engine vulnerabilities to create a malicious website and then lure users to visit the site. This current batch of critical vulnerabilities could lead to remote code execution if exploited successfully.

Some specific CVEs to note:

CVE-2017-8620 – This is a Windows Search Remote Code Execution Vulnerability that is similar to an earlier Windows Search vulnerability patched in July. An attacker who successfully exploits this CVE can install programs, manipulate data, create accounts, elevate privilege and take control of the system. Within an enterprise, an attacker can remotely trigger the vulnerability through an SMB connection and take control of the targeted computer. This is a separate SMB vulnerability from SMBLoris, which has already been disclosed but remains unpatched by Microsoft.
CVE-2017-8664 – This Hyper-V Remote Code Execution Vulnerability could allow an attacker on a guest operating system to execute arbitrary code on the host operating system.

Adobe’s security bulletins include patches for Adobe Flash Player, Adobe Acrobat and Reader, Adobe Experience Manager, and Adobe Digital Editions. Notably, Adobe Reader has 43 Critical and 24 Important CVEs, a notably large batch. These vulnerabilities are mostly memory corruption issues that could allow an attacker remote code execution on a target system. Users are encouraged to update to version 26.0.0.151, which is the latest version of Adobe Flash Player.

Trend Micro’s Zero Day Initiative (ZDI) helped in the disclosure of the following vulnerabilities and/or security improvements:

CVE-2017-0250
CVE-2017-0293
CVE-2017-3085
CVE-2017-3113
CVE-2017-3115
CVE-2017-3120
CVE-2017-3121
CVE-2017-3122
CVE-2017-3123
CVE-2017-3124
CVE-2017-8503
CVE-2017-8624
CVE-2017-8633
CVE-2017-8641
CVE-2017-8653
CVE-2017-11209
CVE-2017-11210
CVE-2017-11211
CVE-2017-11212
CVE-2017-11214
CVE-2017-11216
CVE-2017-11217
CVE-2017-11218
CVE-2017-11219
CVE-2017-11224
CVE-2017-11223
CVE-2017-11227
CVE-2017-11228
CVE-2017-11230
CVE-2017-11231
CVE-2017-11232
CVE-2017-11233
CVE-2017-11234
CVE-2017-11235
CVE-2017-11236
CVE-2017-11237
CVE-2017-11238
CVE-2017-11239
CVE-2017-11241
CVE-2017-11242
CVE-2017-11243
CVE-2017-11244
CVE-2017-11245
CVE-2017-11246
CVE-2017-11248
CVE-2017-11249
CVE-2017-11251
CVE-2017-11252
CVE-2017-11255
CVE-2017-11256
CVE-2017-11257
CVE-2017-11258
CVE-2017-11259
CVE-2017-11260
CVE-2017-11261
CVE-2017-11265
CVE-2017-11267
CVE-2017-11268
CVE-2017-11269
CVE-2017-11270
CVE-2017-11271

Trend Micro Solutions

The Trend Micro Deep Security and Vulnerability Protection DPI rules for this month’s Patch Tuesday are listed below:

1008410 – Microsoft .NET Framework Pointer Verification Vulnerability (CVE-2009-0090)
1008522 – Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-0250)
1008523 – Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2017-8625)
1008525 – SMBLoris Denial Of Service Vulnerability

TippingPoint customers are protected through the following MainlineDV filters:

5683: RDP: Windows Remote Desktop Access on Non-Standard Ports
12146: HTTP: Microsoft Excel Record Type Confusion Vulnerability
27746: HTTP: Microsoft Windows PDF Library JPEG2000 Memory Corruption Vulnerability
28184: HTTP: Microsoft Windows advapi32 Type Confusion Vulnerability
29339: SMB: Windows SMB and Samba Denial-of-Service Vulnerability (SMBLoris)
29340: HTTP: Microsoft Windows VBScript CHM Security Bypass Vulnerability
29053: HTTP: Microsoft Jet OLEDB Integer Overflow Vulnerability
