June 2017 - Microsoft Releases 15 Security Patches

  Advisory Date: JUN 14, 2017

  DESCRIPTION

Microsoft addresses several vulnerabilities in its June batch of patches:

  • MS08-067 | Vulnerability in Server Service Could Allow Remote Code Execution (958644)
    Risk Rating: Critical

    This security update resolves a vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request.


  • MS09-050 | Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
    Risk Rating: Critical

    This security update resolves three vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service.


  • MS10-061 | Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
    Risk Rating: Critical

    This security update resolves a vulnerability in the Print Spooler service. The vulnerability could allow remote code execution if an attacker sends a specially crafted print request to a vulnerable system that has a print spooler interface exposed over RPC.


  • MS14-068 | Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
    Risk Rating: Critical

    This security update resolves a vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers.


  • MS17-010 | Security Update for Microsoft Windows SMB Server (4013389)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.


  • MS17-013 | Security Update for Microsoft Graphics Component (4013075)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.


  • CVE-2017-0176 | Remote Desktop Protocol Remote Code Execution Vulnerability (CVE-2017-0176 )
    Risk Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Protocol (RDP) if the RDP server has Smart Card authentication enabled. An attacker who successfully exploited this vulnerability could execute code on the target system.


  • CVE-2017-0222| Internet Explorer Memory Corruption Vulnerability (CVE-2017-0222)
    Risk Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.


  • CVE-2017-0231 | Microsoft Browser Spoofing Vulnerability
    Risk Rating: Critical

    This vulnerability exists in Internet Explorer 11 and Microsoft Edge browsers. The vulnerability lies in the rendering of SmartScreen Filter.


  • CVE-2017-0267 - CVE-2017-0280 | Security Update for Microsoft Windows SMB (CVEs 2017-0267 through 2017-0280)
    Risk Rating: Critical

    Security updates exist in Microsoft Windows SMB. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted packets to a Microsoft Server Message Block 1.0 (SMBv1) server.


  • CVE-2017-7269 | WebDAV Remote Code Execution Vulnerability (CVE-2017-7269)
    Risk Rating: Critical

    A vulnerability exists in IIS when WebDAV improperly handles objects in memory, which could allow an attacker to run arbitrary code on the user’s system. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.


  • CVE-2017-8461 | Windows RPC Remote Code Execution Vulnerability (CVE-2017-8461)
    Risk Rating: Critical

    A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


  • CVE-2017-8464 | LNK Remote Code Execution Vulnerability (CVE-2017-8464)
    Risk Rating: Critical

    A remote code execution exists in Microsoft Windows that could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.


  • CVE-2017-8487 | Windows olecnv32.dll Remote Code Execution Vulnerability (CVE-2017-8487)
    Risk Rating: Critical

    A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.


  • CVE-2017-8543 | Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
    Risk Rating: Critical

    A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system.


  • CVE-2017-8552 | Win32k Elevation of Privilege Vulnerability
    Risk Rating: Important

    An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection and IDF Compatibility
CVE-2017-8529 1008444 Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2017-8529) 14-June-17 YES
CVE-2017-8547 1008446 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8547) 14-June-17 YES
CVE-2017-8509 1008441 Microsoft Office Remote Code Execution Vulnerability (CVE-2017-8509) 14-June-17 YES
CVE-2017-8464 1008435 Microsoft Windows LNK Remote Code Execution Vulnerability (CVE-2017-8464) 14-June-17 YES
CVE-2017-8346 1008428 ImageMagick Denial Of Service Vulnerability (CVE-2017-8346) 14-June-17 YES
CVE-2017-8496 1008439 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8496) 14-June-17 YES
CVE-2017-0215 1008434 Microsoft Device Guard Code Integrity Policy Security Feature Bypass Vulnerability (CVE-2017-0215) 14-June-17 YES
CVE-2017-8510 1008442 Microsoft Office Remote Code Execution Vulnerability (CVE-2017-8510) 14-June-17 YES
CVE-2017-8465, CVE-2017-8466, CVE-2017-8468 1008448 Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (June-2017) 14-June-17 YES
CVE-2017-8497 1008440 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8497) 14-June-17 YES
CVE-2017-8524 1008443 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8524) 14-June-17 YES

  SOLUTION

Related Malware