March 2017 - Microsoft Releases 18 Security Advisories
Publish Date: 02 de maja de 2017
Advisory Date: 14 de marca de 2017
DESCRIPTION
Microsoft addresses several vulnerabilities in its March batch of patches. More information are found in the Trend Micro Security Intelligence Blog.
- (MS17-006) Cumulative Security Update for Internet Explorer (4013073)
Risk Rating: Critical
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. - (MS17-007) Cumulative Security Update for Microsoft Edge (4013071)
Risk Rating: Critical
This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. - (MS17-008) Security Update for Windows Hyper-V (4013082)
Risk Rating: Critical
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. - (MS17-009) Security Update for Microsoft Windows PDF Library (4010319)
Risk Rating: Critical
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. - (MS17-010) Security Update for Microsoft Windows SMB Server (4013389)
Risk Rating: Critical
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. - (MS17-011) Security Update for Microsoft Uniscribe (4013076)
Risk Rating: Critical
This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. - (MS17-012) Security Update for Microsoft Windows (4013078)
Risk Rating: Critical
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server. - (MS17-013) Security Update for Microsoft Graphics Component (4013075)
Risk Rating: Critical
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. - (MS17-014) Security Update for Microsoft Office (4013241)
Risk Rating: Important
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. - (MS17-015) Security Update for Windows Kernel (3199720)
Risk Rating: Important
This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server. - (MS17-016) Security Update for Windows IIS (4013074)
Risk Rating: Important
This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. - (MS17-017) Security Update for Windows Kernel (4013081)
Risk Rating: Important
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application. - (MS17-018) Security Update for Windows Kernel-Mode Drivers (4013083)
Risk Rating: Important
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. - (MS17-019) Security Update for Active Directory Federation Services (4010320)
Risk Rating: Important
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system. - (MS17-020) Security Update for Windows DVD Maker (3208223)
Risk Rating: Important
This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system. - (MS17-021) Security Update for Windows DirectShow (4010318)
Risk Rating: Important
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. - (MS17-022) Security Update for Microsoft XML Core Services (4010321)
Risk Rating: Important
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message. - (MS17-023) Security Update for Adobe Flash Player (4014329))
Risk Rating: Critical
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
INFORMATION EXPOSURE
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
MS Bulletin ID | Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection and IDF Compatibility |
MS17-007 | CVE-2017-0066 | 1008212 | Microsoft Edge Security Feature Bypass Vulnerability (CVE-2017-0066) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0140 | 1008221 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0140) | 14-Mar-17 | YES |
MS17-012 | CVE-2017-0100 | 1008237 | Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2017-0100) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0020 | 1008164 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0020) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0019 | 1008163 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0019) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0040 | 1008154 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0040) | 14-Mar-17 | YES |
MS16-129 | CVE-2016-7201 | 1008009 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0133 | 1008220 | Microsoft Edge Scripting Engine Memory Corruption Vulnerabilty (CVE-2017-0133) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0059 | 1008208 | Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0059) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0011 | 1008157 | Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0011) | 14-Mar-17 | YES |
MS17-006, MS17-007 | CVE-2017-0033 | 1008152 | Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2017-0033) | 14-Mar-17 | YES |
MS17-013 | CVE-2017-0060 | 1008238 | Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0060) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0154 | 1008249 | Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2017-0154) | 14-Mar-17 | YES |
MS16-133 | CVE-2016-7232 | 1008023 | Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0006 | 1008242 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0006) | 14-Mar-17 | YES |
MS17-006 | CVE-CVE-2017-0130 | 1008209 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0130) | 14-Mar-17 | YES |
MS16-132 | CVE-2016-7256 | 1008036 | Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256) | 14-Mar-17 | YES |
MS17-013/font> | CVE-2017-0073 | 1008240 | Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0073) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0105 | 1008245 | Microsoft Office Information Disclosure Vulnerability (CVE-2017-0105) | 14-Mar-17 | YES |
MS17-006, MS17-007 | CVE-2017-0009 | 1008150 | Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0009) | 14-Mar-17 | YES |
MS17-011 | CVE-2017-0072, CVE-2017-01211 | 1008236 | Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) | 14-Mar-17 | YES |
MS17-007, MS17-009 | CVE-2017-0023 | 1008168 | Microsoft Windows PDF Library Memory Corruption Vulnerability (CVE-2017-0023) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0131 | 1008219 | Microsoft Edge Out Of Bounds Read Vulnerability (CVE-2017-0131) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0067 | 1008215 | Microsoft Edge Spoofing Vulnerability (CVE-2017-0069) | 14-Mar-17 | YES |
MS17-022 | CVE-2017-0022 | 1008173 | Microsoft XML Core Service Information Disclosure Vulnerability (CVE-2017-0022) | 14-Mar-17 | YES |
MS17-011 | CVE-2017-0083, CVE-2017-0086, CVE-2017-0087, CVE-2017-0090 | 1008235 | Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 2 | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0070 | 1008216 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0070) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0008 | 1008149 | Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0008) | 14-Mar-17 | YES |
MS17-010 | CVE-2017-0148 | 1008228 | Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0148) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0017 | 1008159 | Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0017) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0035 | 1008161 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0035) | 14-Mar-17 | YES |
MS17-013 | CVE-2017-0062 | 1008239 | Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0062) | 14-Mar-17 | YES |
MS17-017 | CVE-2017-0050 | 1008172 | Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-0050) | 14-Mar-17 | YES |
MS17-013 | CVE-2017-0047 | 1008176 | Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2017-0047) | 14-Mar-17 | YES |
MS17-013 | CVE-2017-0014 | 1008169 | Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2017-0014) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0034 | 1008210 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0034) | 14-Mar-17 | YES |
MS17-010 | CVE-2017-0145 | 1008225 | Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0145) | 14-Mar-17 | YES |
MS17-012 | CVE-2017-0039 | 1008177 | Microsoft Windows DLL Loading Vulnerability Over Network Share (CVE-2017-0039) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0141 | 1008222 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0141) | 14-Mar-17 | YES |
MS17-013 | CVE-2017-0108 | 1008241 | Microsoft Windows GDI Remote Code Execution Vulnerability (CVE-2017-0108) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0030, CVE-2017-0031 | 1008167 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0030 and CVE-2016-0031) | 14-Mar-17 | YES |
MS16-148 | CVE-2016-7275 | 1008187 | Microsoft Office OLE DLL Loading Vulnerability Over Network Share (CVE-2016-7275) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0149 | 1008250 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0149) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0027 | 1008165 | Microsoft Office Information Disclosure Vulnerability (CVE-2017-0027) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0094 | 1008218 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0094) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0053 | 1008244 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0053) | 14-Mar-17 | YES |
MS17-010 | CVE-2017-0144, CVE-2017-0146 | 1008151 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0018) | 14-Mar-17 | YES |
MS17-017 | CVE-2017-0103 | 1008247 | Microsoft Windows Registry Elevation Of Privilege Vulnerability (CVE-2017-0103) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0071 | 1008217 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0071) | 14-Mar-17 | YES |
MS17-018 | CVE-2017-0056, CVE-2017-0078, CVE-2017-0079, CVE-2017-0080, CVE-2017-0081, CVE-2017-0082 | 1008248 | Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS17-018) | 14-Mar-17 | YES |
MS17-021 | CVE-2017-0042 | 1008174 | Microsoft Windows DirectShow Information Disclosure Vulnerability (CVE-2017-0042) | 14-Mar-17 | YES |
MS17-012 | CVE-2017-0039 | 1008170 | Microsoft Windows DLL Loading Vulnerability Over WebDAV (CVE-2017-0039) | 14-Mar-17 | YES |
MS17-006 | CVE-2017-0049 | 1008155 | Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability (CVE-2017-0049) | 14-Mar-17 | YES |
MS17-014 | CVE-2017-0052 | 1008243 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0052) | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0010 | 1008156 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0010) | 14-Mar-17 | YES |
MS17-007 | CCVE-2017-0015 | 1008158 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0015) | 14-Mar-17 | YES |
MS17-007 | MS17-007 | 1008211 | Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0065) | 14-Mar-17 | YES |
MS17-011 | MS17-011 | 1008234 | Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 1 | 14-Mar-17 | YES |
MS17-007 | CVE-2017-0032 | 1008160 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0032) | 14-Mar-17 | YES |