May 2017 - Microsoft Releases Security Patches
Advisory Date: 10 de мая de 2017
DESCRIPTION
Microsoft addresses several vulnerabilities in its May batch of patches:
- CVE-2017-0290 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability
Risk Rating: Critical
This vulnerability allows attackers full access to a vulnerable system by exploiting Microsoft Malware Protection Engine's NScript component. It is a remote code execution vulnerability. - CVE-2017-0158 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This vulnerability in the VBScript engine of specific Windows operating systems exists in the way it handles objects in Internet Explorer memory. - CVE-2017-0261 | Microsoft Office Remote Code Execution Vulnerability
Risk Rating: Important
This recmote code execution vulnerability that exists in Microsoft Office in the way it handles malformed graphics image. - CVE-2017-0262 | Microsoft Office Remote Code Execution Vulnerability
Risk Rating: Important
This recmote code execution vulnerability that exists in Microsoft Office in the way it handles malformed graphics image. - CVE-2017-0064 | Internet Explorer Security Feature Bypass Vulnerability
Risk Rating: Low
This vulnerability exists in the way Internet Explorer allows bypass of Mixed Content warnings when loading unsecure content from HTTPS websites. - CVE-2017-0222 | Internet Explorer Memory Corruption Vulnerability
Risk Rating: Moderate
This vulnerability exists in the way Internet Explorer may incorrectly access objects in memory. It is a remote code execution vulnerability. - CVE-2017-0226 | Internet Explorer Memory Corruption Vulnerability
Risk Rating: Important
This vulnerability exists in the way Internet Explorer may incorrectly access objects in memory. It is a remote code execution vulnerability. - CVE-2017-0228 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the JavaScript engine's rendering of objects in memory in Microsoft Edge and Internet Explorer 11 browsers. It is a remote code execution vulnerability. - CVE-2017-0231 | Microsoft Browser Spoofing Vulnerability
Risk Rating: Important
This vulnerability exists in Internet Explorer 11 and Microsoft Edge browsers. The vulnerability lies in the rendering of SmartScreen Filter. - CVE-2017-0238 | Scripting Engine Memory Corruption Vulnerability
Risk Rating: Important
This vulnerability exists in the Microsoft Edge browser's JavaScript scripting engine. The vulnerability lies in the way the engine handles objects in memory.
INFORMATION EXPOSURE
The following Trend Micro products have released specific rules for CVE-2017-0290:
| Product | Rule Name |
| TippingPoint | 28221: HTTP: Microsoft Malware Protection Engine mpengine Type Confusion Vulnerability |
| Deep Security and Vulnerability Protection | 1008370 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CVE-2017-0290) |
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
| Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection and IDF Compatibility |
| CVE-2017-0227 | 1008334 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0227) | 10-May-17 | YES |
| CVE-2017-0077, CVE-2017-0175, CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0245, CVE-2017-0246, CVE-2017-0258, CVE-2017-0259, CVE-2017-0263 | 1008341 | Microsoft Windows Multiple Security Vulnerabilities (May-2017) | 10-May-17 | YES |
| CVE-2017-0228 | 1008335 | Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0228)) | 10-May-17 | YES |
| CVE-2017-0221 | 1008333 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0221) | 10-May-17 | YES |
| CVE-2017-0236 | 1008337 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0236) | 10-May-17 | YES |
| CVE-2017-0266 | 1008331 | Microsoft Edge Remote Code Execution Vulnerability (CVE-2017-0266) | 10-May-17 | YES |
| CVE-2017-0234 | 1008336 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0234) | 10-May-17 | YES |
| CVE-2017-0064 | 1008367 | Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2017-0064) | 10-May-17 | YES |
| CVE-2017-0238 | 1008338 | Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0238) | 10-May-17 | YES |
| CVE-2017-0058 | 1008319 | Microsoft Windows Information Disclosure Vulnerability (CVE-2017-0058) | 10-May-17 | YES |
| CVE-2017-0171 | 1008332 | Microsoft DNS Server Denial Of Service Vulnerability (CVE-2017-0171) | 10-May-17 | NO |
| CVE-2017-0240 | 1008339 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0240) | 10-May-17 | YES |