August 2017 - Microsoft Releases 48 Security Patches
Advisory Date: AUG 09, 2017
DESCRIPTION
Microsoft addresses several vulnerabilities in its August batch of patches:
- CVE-2017-8591 | Windows IME Remote Code Execution Vulnerability
Risk Rating: Critical
This security update resolves a remote code execution vulnerability that exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class. The security update addresses this vulnerability by correcting how Windows IME handles parameters in a method of a DCOM class. - CVE-2017-8593 | Win32k Elevation of Privilege Vulnerability
Risk Rating: Important
This security update resolves an elevation of privilege vulnerability that exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The update addresses this vulnerability by correcting how Win32k handles objects in memory. - CVE-2017-8634 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This security update resolves a vulnerability the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8635 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This security update resolves a vulnerability the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8636 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This security update resolves vulnerabilities in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8637 | Scripting Engine Security Feature Bypass Vulnerability (4013075)
Risk Rating: Important
This security update resolves vulnerabilities in Microsoft Edge. This is the result of how memory is accessed in code compiled by the Edge Just-In-Time (JIT) compiler that allows Arbitrary Code Guard (ACG) to be bypassed. The security update addresses the ACG bypass vulnerability by helping to ensure that Microsoft Edge properly handles accessing memory in code compiled by the Edge JIT compiler. - CVE-2017-8638| Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8639| Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. - CVE-2017-8640 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. - CVE-2017-8662 | Microsoft Edge Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exist in Microsoft Edge. It is a result of how strings are validated in specific scenarios, which can allow an attacker to read sensitive data from memory and thereby potentially bypass Address Space Layout Randomization (ASLR).The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted packets to a Microsoft Server Message Block 1.0 (SMBv1) server. The security update addresses the vulnerability by helping to ensure that Microsoft Edge properly validates strings in affected scenarios. - CVE-2017-8669 |Microsoft Browser Memory Corruption Vulnerability (CVE-2017-7269)
Risk Rating: Critical
A remote code execution vulnerability exists in the way Microsoft browsers handle objects in memory while rendering content. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory. - CVE-2017-8670 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8671 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8672 | Windows olecnv32.dll Remote Code Execution Vulnerability (CVE-2017-8487)
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8654 | Microsoft Office SharePoint XSS Vulnerability
Risk Rating: Critical
A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. - CVE-2017-0174 | Windows NetBIOS Denial of Service Vulnerability
Risk Rating: Important
A denial of service vulnerability exists when Microsoft Windows improperly handles NetBIOS packets. An attacker who successfully exploited this vulnerability could cause a target computer to become completely unresponsive. The update addresses the vulnerability by correcting how the Windows network stack handles NetBIOS traffic. - CVE-2017-0250 | Microsoft JET Database Engine Remote Code Execution Vulnerability
Risk Rating: Critical
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. The update addresses the vulnerability by modifying how the Microsoft JET Database Engine handles objects in memory. - CVE-2017-0293 | Windows PDF Remote Code Execution Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. The update addresses the vulnerability by modifying how affected systems handle objects in memory. - CVE-2017-8503 | Microsoft Edge Elevation of Privilege Vulnerability
Risk Rating: Important
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The security update addresses the vulnerability by modifying how Microsoft Edge handles sandboxing. - CVE-2017-8516 | Microsoft SQL Server Analysis Services Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces permissions. An attacker could exploit the vulnerability if the attacker's credentials allow access to an affected SQL server database. The security update addresses the vulnerability by correcting how SQL Server Analysis Services enforces permissions. - CVE-2017-8620 | Windows Search Remote Code Execution Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. The security update addresses the vulnerability by correcting how Windows Search handles objects in memory. - CVE-2017-8622 | Windows Subsystem for Linux Elevation of Privilege Vulnerability
Risk Rating: Critical
An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles NT pipes. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles NT pipes. - CVE-2017-8624 | Windows CLFS Elevation of Privilege Vulnerability
Risk Rating: Important
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. The update addresses the vulnerability by correcting how CLFS handles objects in memory. - CVE-2017-8625 | Internet Explorer Security Feature Bypass Vulnerability
Risk Rating: Important
A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies. The vulnerability could allow an attacker to bypass Device Guard UCMI policies. The update addresses the vulnerability by correcting how Internet Explorer validates UMCI policies. - CVE-2017-8627 | Windows Subsystem for Linux Denial of Service Vulnerability
Risk Rating: Important
A denial of service vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this vulnerability could cause a denial of service against the local system. The update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. - CVE-2017-8633 | Windows Error Reporting Elevation of Privilege Vulnerability
Risk Rating: Important
This security update resolves a vulnerability in Windows Error Reporting (WER). The vulnerability could allow elevation of privilege if successfully exploited by an attacker. An attacker who successfully exploited this vulnerability could gain greater access to sensitive information and system functionality. - CVE-2017-8641 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8642 | Microsoft Edge Elevation of Privilege Vulnerability
Risk Rating: Important
An elevation of privilege vulnerability exists when Microsoft Edge does not properly validate JavaScript under specific conditions, potentially allowing script to run with elevated privileges. The security update addresses the vulnerability by correcting how Microsoft Edge validates and sanitizes JavaScript parameters. - CVE-2017-8644 | Microsoft Edge Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by changing how certain functions handle objects in memory. - CVE-2017-8645 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8646 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8647 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8650 | Microsoft Edge Security Feature Bypass Vulnerability
Risk Rating: Moderate
A security feature bypass vulnerability exists when Microsoft Edge does not properly enforce same-origin policies, which could allow an attacker to access information from origins outside the current one. In a web-based attack scenario, an attacker could trick a user into loading a webpage with malicious content. The security update addresses the vulnerability by helping to ensure that cross-domain policies are properly enforced in Microsoft Edge. - CVE-2017-8651 | Internet Explorer Memory Corruption Vulnerability
Risk Rating: Moderate
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. - CVE-2017-8652 | Microsoft Edge Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by changing how certain functions handle objects in memory. - CVE-2017-8653 | Microsoft Browser Memory Corruption Vulnerability
Risk Rating: Moderate
A remote code execution vulnerability exists when Microsoft browsers improperly access objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory. - CVE-2017-8655 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Moderate
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8656 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8657 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8659 | Scripting Engine Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by changing how certain functions handle objects in memory. - CVE-2017-8661 | Microsoft Edge Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how affected Microsoft scripting engines handle objects in memory. - CVE-2017-8664 | Windows Hyper-V Remote Code Execution Vulnerability
Risk Rating: Important
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. - CVE-2017-8666 | Win32k Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how win32k handles objects in memory. - CVE-2017-8668 | Volume Manager Extension Driver Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when the Volume Manager Extension Driver component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how Volume Manager Extension Driver handles objects in memory. - CVE-2017-8673 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Risk Rating: Important
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. The update addresses the vulnerability by correcting how RDP handles connection requests. - CVE-2017-8674 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory. - CVE-2017-8691 | Express Compressed Fonts Remote Code Execution Vulnerability
Risk Rating: Important
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits exploited this vulnerability would gain code execution on the target system. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. - CVE-2017-8668 | Volume Manager Extension Driver Information Disclosure Vulnerability
Risk Rating: Important
An information disclosure vulnerability exists when the Volume Manager Extension Driver component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how Volume Manager Extension Driver handles objects in memory.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection and IDF Compatibility |
CVE-2017-0250 | 1008522 | Microsoft Internet Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-0250) | 08-Aug-17 | YES |
CVE-2017-8625 | 1008523 | Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2017-8625) | 08-Aug-17 | YES |