Advisory Date: 14 de марта de 2017

  DESCRIPTION

Microsoft addresses several vulnerabilities in its March batch of patches. More information are found in the Trend Micro Security Intelligence Blog.

  • (MS17-006) Cumulative Security Update for Internet Explorer (4013073)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.


  • (MS17-007) Cumulative Security Update for Microsoft Edge (4013071)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system.


  • (MS17-008) Security Update for Windows Hyper-V (4013082)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code.


  • (MS17-009) Security Update for Microsoft Windows PDF Library (4010319)
    Risk Rating: Critical

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.


  • (MS17-010) Security Update for Microsoft Windows SMB Server (4013389)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.


  • (MS17-011) Security Update for Microsoft Uniscribe (4013076)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document.


  • (MS17-012) Security Update for Microsoft Windows (4013078)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.


  • (MS17-013) Security Update for Microsoft Graphics Component (4013075)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.


  • (MS17-014) Security Update for Microsoft Office (4013241)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.


  • (MS17-015) Security Update for Windows Kernel (3199720)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.


  • (MS17-016) Security Update for Windows IIS (4013074)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server.


  • (MS17-017) Security Update for Windows Kernel (4013081)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.


  • (MS17-018) Security Update for Windows Kernel-Mode Drivers (4013083)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.


  • (MS17-019) Security Update for Active Directory Federation Services (4010320)
    Risk Rating: Important

    This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.


  • (MS17-020) Security Update for Windows DVD Maker (3208223)
    Risk Rating: Important

    This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.


  • (MS17-021) Security Update for Windows DirectShow (4010318)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website.


  • (MS17-022) Security Update for Microsoft XML Core Services (4010321)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.


  • (MS17-023) Security Update for Adobe Flash Player (4014329))
    Risk Rating: Critical

    This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection and IDF Compatibility
MS17-007 CVE-2017-0066 1008212 Microsoft Edge Security Feature Bypass Vulnerability (CVE-2017-0066) 14-Mar-17 YES
MS17-007 CVE-2017-0140 1008221 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0140) 14-Mar-17 YES
MS17-012 CVE-2017-0100 1008237 Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2017-0100) 14-Mar-17 YES
MS17-014 CVE-2017-0020 1008164 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0020) 14-Mar-17 YES
MS17-014 CVE-2017-0019 1008163 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0019) 14-Mar-17 YES
MS17-006 CVE-2017-0040 1008154 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0040) 14-Mar-17 YES
MS16-129 CVE-2016-7201 1008009 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201) 14-Mar-17 YES
MS17-007 CVE-2017-0133 1008220 Microsoft Edge Scripting Engine Memory Corruption Vulnerabilty (CVE-2017-0133) 14-Mar-17 YES
MS17-006 CVE-2017-0059 1008208 Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0059) 14-Mar-17 YES
MS17-007 CVE-2017-0011 1008157 Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0011) 14-Mar-17 YES
MS17-006, MS17-007 CVE-2017-0033 1008152 Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2017-0033) 14-Mar-17 YES
MS17-013 CVE-2017-0060 1008238 Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0060) 14-Mar-17 YES
MS17-006 CVE-2017-0154 1008249 Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2017-0154) 14-Mar-17 YES
MS16-133 CVE-2016-7232 1008023 Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232) 14-Mar-17 YES
MS17-014 CVE-2017-0006 1008242 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0006) 14-Mar-17 YES
MS17-006 CVE-CVE-2017-0130 1008209 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0130) 14-Mar-17 YES
MS16-132 CVE-2016-7256 1008036 Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256) 14-Mar-17 YES
MS17-013/font> CVE-2017-0073 1008240 Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0073) 14-Mar-17 YES
MS17-014 CVE-2017-0105 1008245 Microsoft Office Information Disclosure Vulnerability (CVE-2017-0105) 14-Mar-17 YES
MS17-006, MS17-007 CVE-2017-0009 1008150 Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0009) 14-Mar-17 YES
MS17-011 CVE-2017-0072, CVE-2017-01211 1008236 Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) 14-Mar-17 YES
MS17-007, MS17-009 CVE-2017-0023 1008168 Microsoft Windows PDF Library Memory Corruption Vulnerability (CVE-2017-0023) 14-Mar-17 YES
MS17-007 CVE-2017-0131 1008219 Microsoft Edge Out Of Bounds Read Vulnerability (CVE-2017-0131) 14-Mar-17 YES
MS17-007 CVE-2017-0067 1008215 Microsoft Edge Spoofing Vulnerability (CVE-2017-0069) 14-Mar-17 YES
MS17-022 CVE-2017-0022 1008173 Microsoft XML Core Service Information Disclosure Vulnerability (CVE-2017-0022) 14-Mar-17 YES
MS17-011 CVE-2017-0083, CVE-2017-0086, CVE-2017-0087, CVE-2017-0090 1008235 Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 2 14-Mar-17 YES
MS17-007 CVE-2017-0070 1008216 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0070) 14-Mar-17 YES
MS17-006 CVE-2017-0008 1008149 Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0008) 14-Mar-17 YES
MS17-010 CVE-2017-0148 1008228 Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0148) 14-Mar-17 YES
MS17-007 CVE-2017-0017 1008159 Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0017) 14-Mar-17 YES
MS17-007 CVE-2017-0035 1008161 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0035) 14-Mar-17 YES
MS17-013 CVE-2017-0062 1008239 Microsoft Windows GDI Information Disclosure vulnerability (CVE-2017-0062) 14-Mar-17 YES
MS17-017 CVE-2017-0050 1008172 Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-0050) 14-Mar-17 YES
MS17-013 CVE-2017-0047 1008176 Microsoft Windows GDI Elevation Of Privilege Vulnerability (CVE-2017-0047) 14-Mar-17 YES
MS17-013 CVE-2017-0014 1008169 Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2017-0014) 14-Mar-17 YES
MS17-007 CVE-2017-0034 1008210 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0034) 14-Mar-17 YES
MS17-010 CVE-2017-0145 1008225 Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0145) 14-Mar-17 YES
MS17-012 CVE-2017-0039 1008177 Microsoft Windows DLL Loading Vulnerability Over Network Share (CVE-2017-0039) 14-Mar-17 YES
MS17-007 CVE-2017-0141 1008222 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0141) 14-Mar-17 YES
MS17-013 CVE-2017-0108 1008241 Microsoft Windows GDI Remote Code Execution Vulnerability (CVE-2017-0108) 14-Mar-17 YES
MS17-014 CVE-2017-0030, CVE-2017-0031 1008167 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0030 and CVE-2016-0031) 14-Mar-17 YES
MS16-148 CVE-2016-7275 1008187 Microsoft Office OLE DLL Loading Vulnerability Over Network Share (CVE-2016-7275) 14-Mar-17 YES
MS17-006 CVE-2017-0149 1008250 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0149) 14-Mar-17 YES
MS17-014 CVE-2017-0027 1008165 Microsoft Office Information Disclosure Vulnerability (CVE-2017-0027) 14-Mar-17 YES
MS17-007 CVE-2017-0094 1008218 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0094) 14-Mar-17 YES
MS17-014 CVE-2017-0053 1008244 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0053) 14-Mar-17 YES
MS17-010 CVE-2017-0144, CVE-2017-0146 1008151 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0018) 14-Mar-17 YES
MS17-017 CVE-2017-0103 1008247 Microsoft Windows Registry Elevation Of Privilege Vulnerability (CVE-2017-0103) 14-Mar-17 YES
MS17-007 CVE-2017-0071 1008217 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0071) 14-Mar-17 YES
MS17-018 CVE-2017-0056, CVE-2017-0078, CVE-2017-0079, CVE-2017-0080, CVE-2017-0081, CVE-2017-0082 1008248 Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS17-018) 14-Mar-17 YES
MS17-021 CVE-2017-0042 1008174 Microsoft Windows DirectShow Information Disclosure Vulnerability (CVE-2017-0042) 14-Mar-17 YES
MS17-012 CVE-2017-0039 1008170 Microsoft Windows DLL Loading Vulnerability Over WebDAV (CVE-2017-0039) 14-Mar-17 YES
MS17-006 CVE-2017-0049 1008155 Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability (CVE-2017-0049) 14-Mar-17 YES
MS17-014 CVE-2017-0052 1008243 Microsoft Office Memory Corruption Vulnerability (CVE-2017-0052) 14-Mar-17 YES
MS17-007 CVE-2017-0010 1008156 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0010) 14-Mar-17 YES
MS17-007 CCVE-2017-0015 1008158 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0015) 14-Mar-17 YES
MS17-007 MS17-007 1008211 Microsoft Edge Information Disclosure Vulnerability (CVE-2017-0065) 14-Mar-17 YES
MS17-011 MS17-011 1008234 Microsoft Windows Uniscribe Multiple Remote Code Execution Vulnerabilities (MS17-011) - 1 14-Mar-17 YES
MS17-007 CVE-2017-0032 1008160 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0032) 14-Mar-17 YES

  SOLUTION