-
Microsoft SMBv1 Vulnerability
FYI...
Microsoft SMBv1 Vulnerability
- https://www.us-cert.gov/ncas/current...-Vulnerability
March 16, 2017 - "Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 (SMBv1). Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletin MS17-010* and apply the update. For more information, see the Information Assurance Advisory** and US-CERT's SMB Security Best Practices guidance***."
* https://technet.microsoft.com/library/security/MS17-010
March 14, 2017
** https://www.iad.gov/iad/library/ia-a...-block-1-0.cfm
16 March 2017
*** https://www.us-cert.gov/ncas/current...Best-Practices
Last revised: March 16, 2017
___
- https://www.us-cert.gov/ncas/current...Best-Practices
Last revised: March 16, 2017 - "In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive information from affected systems. US-CERT recommends that users and administrators consider:
disabling SMBv1 and
blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.
US-CERT cautions users and administrators that disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. The benefits of mitigation should be weighed against potential disruptions to users. For more information on SMB, please review Microsoft Security Advisories 2696547* and 204279**."
* https://support.microsoft.com/en-us/kb/2696547
Feb 28, 2017 - Rev: 23
** https://support.microsoft.com/en-us/kb/204279
Jan 7, 2008 - Rev: 1
:fear::fear:
-
March Patching ...
FYI...
March Patching Comes In Like a Lion
- http://windowssecrets.com/windows-se...n-like-a-lion/
March 16, 2017 - "The lack of patches in February means that March’s updates are numerous. Not helping the situation: While Windows 10 updates are cumulative, Office updates may not be depending on your install. Thus we are getting an extra set. It’s a lot to sort through.
Microsoft finally got back to a bit of normal with this month’s release. Windows 10, 8 and 7 all received their normal large cumulative updates, most with a security bent. For Windows 10, the cumulative update also included many fixes for other issues on that platform. And in a bit of trivia only patch-a-holics like me love to keep track of, we have now jumped to Knowledge Base articles that begin with 4. For example, the Windows 10 1607 update is KB4013198.
In addition we received double the amount of Office updates, but remember, if you are running any of the Office 365 versions that support click-to-run, you won’t see the masses of Office updates, you’ll merely get the click to run update dribbled to you over time.
March also meant changes to Microsoft’s communication regarding security bulletins, with the all new Security Portal* as the new location for security guidance and information. However, they are still posting the traditional security bulletin information in the original format, just to ease in the transition."
* https://portal.msrc.microsoft.com/en...urity-guidance
- https://arstechnica.com/security/201...t-smell-right/
3/16/2017
:fear::fear:
-
MS17-014 update - Excel 2010
FYI...
MS17-014: Description of the security update for Excel 2010
- https://support.microsoft.com/en-us/...2010-kb3191855
"... Note: To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer...
Improvements and fixes:
Fixes an issue that causes Excel 2010 to crash when spreadsheets are recalculated. This issue occurs after you install MS17-014: Description of the security update for Excel 2010: March 14, 2017 (KB3178690*)..."
Last Review: Mar 28, 2017 - Rev: 9
* https://support.microsoft.com/en-us/help/3178690
___
- https://blogs.technet.microsoft.com/...or-excel-2010/
Mar 28, 2017
___
KB3178690 causing excel 2010 to crash
- https://answers.microsoft.com/en-us/...4-884b2d7d057b
- https://support.microsoft.com/en-us/...2010-kb3191855
___
> http://windowssecrets.com/patch-watc...t-like-a-lamb/
March 28, 2017
:fear::fear:
-
Post MS17-006 IE11 install - failure
FYI...
Forms in Dynamics CRM 2011 are broken after KB 4013073 for IE11 is installed
- https://support.microsoft.com/en-us/...fter-kb-401307
"Forms in Microsoft Dynamics CRM 2011 are not displayed correctly after KB 4013073 is installed on a Windows system that is running Internet Explorer 11... To get the stand-alone package for this update, go to the Microsoft Update Catalog website*..."
Last Review: Mar 22, 2017 - Rev: 29
* http://www.catalog.update.microsoft....px?q=kb4016446
MS17-006: Cumulative security update for Internet Explorer: March 14, 2017
- https://support.microsoft.com/en-us/...r-march-14-201
Last Review: Mar 14, 2017 - Rev: 31
___
MS17-006: Security update for IE: Mar 14, 2017
- https://support.microsoft.com/en-us/...-march-14-2017
Last Review: Mar 29, 2017 - Rev: 52
> https://technet.microsoft.com/library/security/MS17-006
:fear::fear:
-
MS Security Bulletin Summary - April 2017
FYI...
MS Security Update Guide
> https://portal.msrc.microsoft.com/en...urity-guidance
Release Notes
April 2017 Security Updates
> https://portal.msrc.microsoft.com/en...9-000d3a32fc99
April 11, 2017 - "The April security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Visual Studio for Mac
.NET Framework
Silverlight
Adobe Flash Player ..."
> https://portal.msrc.microsoft.com/en...idance/summary
Cumulative security update for Internet Explorer: April 11, 2017
> https://support.microsoft.com/en-us/...-april-11-2017
Last Review: Apr 13, 2017 - Rev: 46
"... Additionally, see Windows 10* and Windows Server 2016 update history for more information on cumulative updates for Windows 10 and Windows Server 2016..."
* https://support.microsoft.com/en-us/...update-history
Last Review: Apr 13, 2017 - Rev: 46
___
April 11, 2017, update for Microsoft Office
- https://support.microsoft.com/en-us/...crosoft-office
Last Review: Apr 13, 2017 - Rev: 10
___
Qualys analysis:
- https://blog.qualys.com/laws-of-vuln...curity-updates
April 11, 2017 - "Today is the first month since 1998 in which Microsoft stopped releasing security bulletins with the familiar MSxx-xxx format and replaced it with the new security update guide:
- https://portal.msrc.microsoft.com/en...urity-guidance
In today’s release Microsoft fixed a total of 45 vulnerabilities that could lead to remote code execution, denial-of-service, elevation of privileges, security feature bypass and spoofing. Top priority goes to the Office and WordPad CVE-2017-0199 which fixed a 0-day vulnerability that is being actively exploited in the wild. Exploitation of this vulnerability requires that a user open or preview a specially crafted file with an affected version of Office or WordPad. Attacker could accomplish this by sending a specially crafted file to the user and then convincing the user to open the file. We recommend administrators patch this as soon as possible..."
(More detail at the qualys URL above.)
ISC analysis:
- https://isc.sans.edu/diary.html?storyid=22286
Apr 11 2017 - "Today on Tuesday 2017-04-11, Microsoft announced its monthly security release (also known as "Patch Tuesday). Reviewing Microsoft's Security Update Guide, it looks like there's 644 updates with 210 of them listed as "Critical" severity..."
(More detail at the ISC URL above.)
'ghacks' analysis:
- https://www.ghacks.net/2017/04/11/mi...-2017-release/
April 11, 2017 - "... marks the end of Windows Vista's extended support phase. Microsoft won't release security updates for Windows Vista officially anymore*...
* https://www.ghacks.net/2017/03/11/re...ds-next-month/
... Executive Summary: Security Bulletins are no longer provided. Microsoft switched the information system to the Security Update Guide fully. The April security update patches issues in all supported versions and editions of Microsoft Windows. Other Microsoft products with patches are Microsoft Edge and Internet Explorer, the .NET Framework, Silverlight, and Microsoft Office.
Operating System Distribution:
Windows Vista: 9 vulnerabilities, 1 critical, 8 important
Windows 7: 9 vulnerabilities, 1 critical, 8 important.
Windows 8.1: 23 vulnerabilities, 4 critical, 19 important.
Windows RT 8.1: 11 vulnerabilities, 1 critical, 10 important.
Windows 10 version 1703: 21 vulnerabilities, 5 critical, 16 important..."
:fear::fear::fear:
-
MS Security Bulletin Summary for March 2017 - revised
FYI...
Microsoft Security Bulletin Summary for March 2017
Published: March 14, 2017 | Updated: April 11, 2017
> https://technet.microsoft.com/en-us/.../ms17-mar.aspx
V2.0 (April 11, 2017): Bulletin Summary revised to announce the following updates:
For MS17-013, the release of update 4017018 for Windows Vista and Windows Server 2008. The update replaces update 4012583 for CVE-2017-0038 only, to comprehensively address the vulnerability. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4017018 for more information.
For MS17-014, to comprehensively address CVE-2017-0027 for Office for Mac 2011 only, Microsoft is releasing security update 3212218. Microsoft recommends that customers running Office for Mac 2011 install update 3212218 to be fully protected from this vulnerability. See Microsoft Knowledge Base Article 3212218 for more information.
For MS17-021, security updates that apply to CVE-2017-0042 for Windows Server 2012 are now available. Customers running Windows Server 2012 should install update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be fully protected from this vulnerability. Customers running other versions of Microsoft Windows do not need to take any further action.
___
- https://www.us-cert.gov/ncas/current...curity-Updates
April 12, 2017 - "Microsoft has released -61- updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread malicious code:
> https://nvd.nist.gov/vuln/detail/CVE-2017-0199
US-CERT encourages users and administrators to review Vulnerability Note #VU921560* and Microsoft's April 2017 Security Update** and apply the necessary updates."
* https://www.kb.cert.org/vuls/id/921560
** https://portal.msrc.microsoft.com/en...9-000d3a32fc99
___
April 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
April 11, 2017 - "The April 2017 Public Update releases for Office are now available! This month, there are -19- security updates and 33 non-security updates. All of the security and non-security updates are listed in KB article 4016803:
- https://support.microsoft.com/en-us/...crosoft-office
A new version of Office 2013 Click-To-Run is available: 15.0.4919.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7180.5002 "
> https://portal.msrc.microsoft.com/en.../CVE-2017-0199
April 11, 2017
- http://www.securitytracker.com/id/1038224
CVE Reference: CVE-2017-0199
Updated: Apr 12 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2016 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix, available at:
- https://catalog.update.microsoft.com...px?q=KB4014793
- https://catalog.update.microsoft.com...px?q=KB4015549
- https://catalog.update.microsoft.com...px?q=KB4015551
- http://www.securitytracker.com/id/1038227
CVE Reference: CVE-2017-0106, CVE-2017-0204
Apr 11 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2016; Outlook for Mac 2011
Impact: A remote user can create an email message that, when loaded or previewed by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix.
The vendor advisories are available at:
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...11-14-7-3-apri
- https://support.microsoft.com/en-us/...-april-11-2017
:fear::fear::fear:
-
M$ - buggy patches
FYI...
Microsoft's critical Windows and Office patches - problems
- http://www.infoworld.com/article/318...-problems.html
Apr 13, 2017 - "Windows and Office patching have had a horrible three months... just what we've seen in the first 48 hours... The SANS Internet Storm Center*, my go-to source for patch insight, has thrown up its hands, listing all -210- "critical" updates in one massive blob. In addition to the 210 "critical" there's another -434- that aren't so critical, coming to a grand total of -644- patches this month... tip of the -buggy- iceberg..."
(More detail at the infoworld URL above.)
* https://isc.sans.edu/forums/diary/Ap...Tuesday/22288/
___
Also see:
Microsoft Addresses Shadow Brokers Exploits
> https://www.us-cert.gov/ncas/current...ers-Exploits-0
Last revised: April 16, 2017
- https://blogs.technet.microsoft.com/...aluating-risk/
April 14, 2017
- https://arstechnica.com/security/201...terious-patch/
4/15/2017
:fear::fear: :mad:
-
KB4015549 - Win7/Win Svr 2008
FYI...
April 11, 2017 — KB4015549 (Monthly Rollup)
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/...date-kb4015549
Last Review: Apr 12, 2017 - Rev: 21
"... Known issues in this update:
If the PC uses an AMD Carrizo DDR4 processor, installing this update will -block- downloading and installing future Windows updates. Microsoft is working on a resolution and will provide an update in an upcoming release..."
___
- http://www.infoworld.com/article/318...backfires.html
Apr 13, 2017 - "Microsoft is working on a fix after Tuesday’s Windows 7 and 8.1 security updates misfired on some users, forcibly locking them -out- of future Windows updates.
Microsoft has acknowledged that the updates’ detection mechanism, intended to force users with newer 7th generation processor chips to move to Windows 10, also caught people with 6th generation AMD Carrizo DDR 4 PCs, which -were- explicitly -allowed- under terms of Microsoft’s Lifecycle Policy FAQ. Microsoft admitted erroneously -blocking- Windows Update on -four- different Tuesday patches:
KB 4015549 (the Win7 Monthly Rollup), KB 4015546 (the Win7 Security-Only patch), KB 4015550 (the Win8.1 Monthly Rollup), and KB 4015547 (the Win8.1 Security-Only patch)..."
:fear::fear::fear:
-
MS - Feedback on the Security Update Guide
FYI...
MS - Feedback on the Security Update Guide
- https://blogs.technet.microsoft.com/...-update-guide/
April 21, 2017 - "The Security Update Guide* has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and implementation of the Security Update Guide. As we completed Preview this month, we want to let you know that we are continuing to listen to your feedback, and are working to enhance your experience... If you have questions about the change, or how to accomplish certain tasks, we have a FAQ**, as well as a TechNet support forum*** for the Security Update Guide. If you have questions about how to use the Security Update Guide or a suggestion to improve it, please post to the forum or (even better) upvote someone else’s suggestion if you also like it. We are listening."
* https://portal.msrc.microsoft.com/en...urity-guidance
FAQ: ** https://technet.microsoft.com/en-us/security/mt791750
Forum: *** https://social.technet.microsoft.com...ityupdateguide
___
Why is Intel allowing this?
- https://software.intel.com/en-us/for...s/topic/731318
4/14/2017
:blink: :confused:
-
MS Ending Security Updates for Win10 v1507
FYI...
MS Ending Security Updates for Windows 10 version 1507
- https://www.us-cert.gov/ncas/current...0-version-1507
May 04, 2017 - "After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates. US-CERT encourages users and administrators to review Microsoft's Windows 10 version 1507 post* for more information and to apply necessary updates."
* https://support.microsoft.com/en-us/...curity-updates
Last Review: Apr 12, 2017 - Rev: 17
"... Microsoft recommends visiting the Software Download site** and selecting 'Update now' to manually update your device..."
** https://www.microsoft.com/software-download/windows10
___
Outlook 2010 (KB3191906)
- https://support.microsoft.com/en-us/...2010-kb3191906
Article ID: 3191906 - Last Review: May 2, 2017 - Rev: 11
"... Fixes the following issue: When you add attachments to a saved email message and then send the email message in Outlook 2010, the attachments are missing, corrupted or duplicated..."
> https://www.catalog.update.microsoft...aspx?q=3191906
Office 2010 (KB3128031)
- https://support.microsoft.com/en-us/...2010-kb3128031
Article ID: 3128031 - Last Review: May 2, 2017 - Rev: 9
"... Improvements and fixes: Improves the robustness to make sure that the stability of Office 2010 applications in certain scenarios..."
> https://www.catalog.update.microsoft...aspx?q=3128031
:fear::fear:
-
MS Security Advisory 4022344
FYI...
MS Security Advisory 4022344
Security Update for Microsoft Malware Protection Engine
- https://technet.microsoft.com/en-us/...y/4022344.aspx
May 8, 2017 - "Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system... Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration..."
___
- http://www.infoworld.com/article/319...virus-bug.html
May 9, 2017 - "... critical security vulnerability in the Microsoft Malware Protection Engine affects a number of Microsoft products, including Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. These tools are enabled by default in Windows 8, 8.1, 10, and Windows Server 2012..."
- http://www.securitytracker.com/id/1038419
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-0290
May 9 2017
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13704.0), available via automatic update.
The vendor has also provided information on how to manually update the Microsoft Malware Protection Engine, available at:
- https://support.microsoft.com/kb/2510781
___
- http://www.securitytracker.com/id/1038420
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-0290
May 9 2017
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13704.0), available via automatic update.
The vendor has also provided information on how to manually update the Microsoft Malware Protection Engine, available at:
- https://support.microsoft.com/kb/2510781
___
- https://www.us-cert.gov/ncas/current...ecurity-Update
May 08, 2017
:fear::fear:
-
MS Security Updates - May 2017
FYI...
MS Security Updates - May 2017
- https://portal.msrc.microsoft.com/en...urity-guidance
May 9, 2017
> https://portal.msrc.microsoft.com/en...idance/summary
- https://portal.msrc.microsoft.com/en...a-000d3a32fc99
May 09, 2017 - "The May security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
NET Framework
Adobe Flash Player ..."
- https://blogs.technet.microsoft.com/...pdate-release/
May 9, 2017
Coming together to address Encapsulated PostScript (EPS) attacks
- https://blogs.technet.microsoft.com/...t-eps-attacks/
May 9, 2017
"... Related links:
CVE-2017-0261: https://portal.msrc.microsoft.com/en.../CVE-2017-0261
CVE-2017-0262: https://portal.msrc.microsoft.com/en.../CVE-2017-0262
CVE-2017-0263: https://portal.msrc.microsoft.com/en.../CVE-2017-0263
Enterprise customers can check here* to see if they have the latest Office 365 updates."
* https://technet.microsoft.com/en-us/office/mt465751
MS Malware Protection Engine Remote Code Execution Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0290
Internet Explorer Memory Corruption Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0222
Scripting Engine Memory Corruption Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0229
Windows SMB Remote Code Execution Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0277
Windows SMB Remote Code Execution Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0278
Windows SMB Remote Code Execution Vuln
> https://portal.msrc.microsoft.com/en.../CVE-2017-0279
Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11
> https://technet.microsoft.com/library/security/4010323
May 9, 2017
___
May 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
May 9, 2017 - "... This month, there are -36- security updates and 28 non-security updates. All of the security and non-security updates are listed in KB article 4020152*.
* https://support.microsoft.com/en-us/...crosoft-office
Last Review: May 9, 2017 - Rev: 10
A new version of Office 2013 Click-To-Run is available: 15.0.4927.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7181.5002"
___
Microsoft Security Bulletin MS17-013 - Critical
Security Update for Microsoft Graphics Component (4013075)
- https://technet.microsoft.com/en-us/...urity/MS17-013
V3.0 (May 9, 2017): "Microsoft has re-released security update 4017018 for affected editions of Windows Server 2008. The re-release has been re-classified as a security update. Microsoft recommends that customers should install update 4017018 to be fully protected from CVE-2017-0038. Customers who have already installed the update do not need to take any further action.
In addition, this security update correction also applies to Windows Server 2008 for Itanium-based Systems."
___
CVE-2017-0290: http://www.securitytracker.com/id/1038419
- http://www.securitytracker.com/id/1038420
CVE-2017-0064: http://www.securitytracker.com/id/1038447
CVE-2017-0077: http://www.securitytracker.com/id/1038454
CVE-2017-0175: http://www.securitytracker.com/id/1038452
CVE-2017-0190: http://www.securitytracker.com/id/1038451
CVE-2017-0213: http://www.securitytracker.com/id/1038457
CVE-2017-0220: http://www.securitytracker.com/id/1038445
CVE-2017-0222: http://www.securitytracker.com/id/1038423
CVE-2017-0227, CVE-2017-0240: http://www.securitytracker.com/id/1038424
CVE-2017-0228: http://www.securitytracker.com/id/1038425
CVE-2017-0228: http://www.securitytracker.com/id/1038426
CVE-2017-0231: http://www.securitytracker.com/id/1038455
- http://www.securitytracker.com/id/1038456
CVE-2017-0234, CVE-2017-0236: http://www.securitytracker.com/id/1038431
CVE-2017-0244: http://www.securitytracker.com/id/1038453
CVE-2017-0246, CVE-2017-0263: http://www.securitytracker.com/id/1038449
CVE-2017-0248: http://www.securitytracker.com/id/1038458
CVE-2017-0254: http://www.securitytracker.com/id/1038443
CVE-2017-0258: http://www.securitytracker.com/id/1038446
CVE-2017-0261: http://www.securitytracker.com/id/1038444
CVE-2017-0265: http://www.securitytracker.com/id/1038448
CVE-2017-0267, CVE-2017-0271, CVE-2017-0275: http://www.securitytracker.com/id/1038432
CVE-2017-0269, CVE-2017-0273: http://www.securitytracker.com/id/1038433
___
MS Security Advisory 4021279
Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege
- https://technet.microsoft.com/en-us/...curity/4021279
Updated: May 10, 2017
V1.1 (May 10, 2017): "Advisory revised to include a table of issue CVEs and their descriptions. This is an informational change only."
___
Description of Software Update Services and Windows Server Update Services changes in content for 2017
- https://support.microsoft.com/en-us/...ntent-for-2017
Last Review: May 9, 2017 - Rev: 64
___
Qualys Analysis:
- https://blog.qualys.com/laws-of-vuln...ulnerabilities
May 9, 2017 - "... In today’s patch Tuesday update Microsoft released a total of -57- vulnerability fixes. Highest priority should go to patching 0-day issues which are actively exploited. On top of our list is the Office patch for CVE-2017-0261 which is triggered when a victim opens an office file containing malformed graphics image. The file could be delivered via email or any other means. As this is actively exploited in the wild and attackers can take complete control of the victim system this should be treated with priority...
In Summary today’s release fixed 3 actively exploited and 4 publicly disclosed issues including the malware protection engine, Office, IE, Edge and SMB vulnerabilities."
ISC Analysis:
- https://isc.sans.edu/diary.html?storyid=22396
2017-05-09
ghacks Analysis:
- https://www.ghacks.net/2017/05/09/mi...-2017-release/
May 9, 2017 [See 'Executive Summary']
- https://www.thezdi.com/blog/2017/5/5...-update-review
May 09, 2017 - "... table of all CVEs released by Microsoft for May, 2017..."
- https://www.askwoody.com/2017/patch-...s-rolling-out/
May 09, 2017
___
- https://www.us-cert.gov/ncas/current...curity-Updates
May 09, 2017 - "Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system.
US-CERT encourages users and administrators to review Microsoft's May 2017 Security Update Summary* and Deployment Information** and apply the necessary updates."
* https://portal.msrc.microsoft.com/en...idance/summary
** https://support.microsoft.com/en-us/...ion-may-9-2017
Last Review: May 9, 2017 - Rev: 22
.
-
MS Security Advisory 4022345 - Windows Update client
FYI...
MS Security Advisory 4022345
Identifying and correcting failure of Windows Update client to receive updates
- https://technet.microsoft.com/en-us/...curity/4022345
May 9, 2017 - "Microsoft is releasing this security advisory to provide information related to an uncommon deployment scenario in which the Windows Update Client may not properly scan for, or download, updates. This scenario may affect customers who installed a Windows 10 or Windows Server 2016 operating system, and who have never interactively logged in to the system or connected to it through remote desktop services. These systems may not receive Windows updates until a user has completed initial setup by interactively logging in or by logging in through remote desktop services..."
V1.0 (May 9, 2017): Advisory published.
V1.1 (May 10, 2017): Advisory updated to include Logon Type 2 Security Event Log entries. This is an informational change only.
V1.2 (May11, 2017): Advisory updated to clarify the WSUS environment. This is an informational change only.
V1.3 (May 17, 2017): Updated FAQ to clarify the update that needs to be installed: “the current cumulative update”...
:fear::fear:
-
Updating MS antimalware and antispyware software - Win10
FYI...
Updating MS antimalware and antispyware software...
> https://www.microsoft.com/en-us/secu...dl.aspx#manual
May 16, 2017 - "... Force a daily update:
If you want Windows to update your software, go to Windows Update or:
Open your Microsoft security software.
Click the Update tab.
Click the Update button.
>> https://www.microsoft.com/en-us/CMSI...2-0011b7504d55
... Manually download the latest updates:
If you need to get the latest updates available, you can download and install them from here.
For all Microsoft security software, you will need to download the antimalware and antispyware updates.
Antimalware and antispyware updates:
For antimalware and antispyware, the latest definitions are 1.243.529.0, dated May 16, 2017 6:2 PM UTC.
To download these updates:
1. Check whether your version of Windows is 32-bit or 64-bit.
2. In the table below, right-click on the link that will work for your version of Windows and choose Save target as... or Save link as...
3. Save the file to your Desktop.
4. When the file has finished downloading, go to your Desktop and double-click the file (it will be called mpam-fe.exe, mpas-fe.exe, or mpam-feX64.exe).
5. Follow the prompts to install the update..."
___
> https://www.microsoft.com/en-us/secu...s/default.aspx
"Windows Defender in Windows 10 and Windows 8.1, and Microsoft Security Essentials in Windows 7 and Windows Vista help protect your PC from malware and other threats in exactly the same way. You -can't- use Microsoft-Security-Essentials with Windows-10 or Windows 8.1. Windows Defender in Windows 10 and Windows 8.1 is built into Windows and ready to work as soon as you turn your PC on..."
> https://www.microsoft.com/en-us/safe...-defender.aspx
___
Do You Need [an Intel] Firmware Update?
- http://windowssecrets.com/windows-se...rmware-update/
May 11, 2017 - "For those of you with Intel processors, it’s time to see if you are vulnerable. Meanwhile we’re business as usual for Windows updates and Flash updates. And if you use Microsoft’s native antivirus protection, be sure that you’ve received the latest engine update to fix a critical flaw... Intel’s processors are vulnerable to a flaw in Intel’s Active management technology, Small Business Technology or Intel Standard Manageability software, and although I read that this “did not impact consumer PCs” I honestly ignored the warnings: 'I follow security best practices. This can’t impact my workstations'. And then I used the Intel Detection Tool* and determined that many of my workstations – especially in my office -did- have the vulnerable code in my systems. So much for best security practices! Fortunately, while I may have the vulnerable code, the 'Active management technology' is and was not ever -enabled- and I don’t have it set to be accessible from outside of my office. Thus I am not vulnerable to attack even though I may have the vulnerable code on my system. Nevertheless, I recommend that you scan your own system and see if it can detect what chipset you have and if you too may have the vulnerable software. Then contact or view the forums of your OEM vendors and see when they plan to release a bios update to fix this issue. Some like Dell** have posted a listing of impacted systems. HP*** also has a page where you can follow up with more information."
* https://downloadcenter.intel.com/download/26755
** http://en.community.dell.com/techcen...apers/20443914
*** http://www8.hp.com/us/en/intelmanageabilityissue.html
:fear::fear::fear:
-
Win7 SP1 KB4019264 Monthly Rollup / Win10 Creators Update
FYI...
Win7 SP1 and WinSvr2008 R2 SP1 - KB4019264 (Monthly Rollup)
> https://support.microsoft.com/en-us/...date-kb4019264
Last Review: May 23, 2017 - Rev: 33
___
Where’s My Win10 Creators Update?
- http://windowssecrets.com/windows-se...eators-update/
May 23, 2017 - "... 'already been tracking a few known issues such as Network printers* failing due to machines having less than 4 GBs of memory:
* https://answers.microsoft.com/en-us/...0-6827f813fa21
There’s also a known issue when certain antivirus is installed while the creator’s update is installed as noted in the Answers forum**. To work around this issue, make sure you update the antivirus or remove it and reinstall it.
** https://answers.microsoft.com/en-us/...d-43ecbcf526e9
Because the Creators Update is heavily reliant on 3D and video enhancements, I’m seeing that video drivers are the key item that may need to be updated. In fact a -known- issue with Nvidia video drivers, as noted in the forum***, showcases that you need to update your video drivers..."
*** https://answers.microsoft.com/en-us/...0-9dcb7e45cd9e
Win10’s recovery options:
- https://support.microsoft.com/en-us/...covery-options
Last Review: May 23, 2017 - Rev: 74
:fear::fear:
-
When to Disable SMB1
FYI...
When You should Disable Server Message Block v1
- http://windowssecrets.com/windows-se...sage-block-v1/
May 25, 2017 - "The recent ransomware attacks have had a inadvertent side effect at my home and office: It has pointed out to me how much I’m still dependent on Server Message Block v1 (SMB v1). Microsoft’s -workaround- for the recent ransomware attacks have recommended the following workaround as noted in KB2696547*: disabling SMB v1, and leaving SMB v2 and SMB v3 -alone- unless you need to troubleshoot your security settings...
* https://support.microsoft.com/en-us/...windows-server
Last Review: May 22, 2017 - Rev: 35
... SMB v1 is a -30-year-old protocol that has seen better days. The recent ransomware attacks using this protocol to amplify their mayhem have some security researchers still unsure of exactly how the initial attack vector took place. It’s unclear at this time if this ransomware came through targeted email attacks (like many other ransomware attacks), or, if this was a unique attack that possibly infected a workstation, which then brought the attack into the impacted networks through some network access point previously used to bring in other worm like attacks. While it’s unclear how the initial infection started out, it’s -clear- that once the infection got into the network, it relied on vulnerabilities in SMB v1 to basically run rampant through the network. This is why so many security sites recommended disabling SMB v1 as an old and out of date protocol. As pointed out on the Vinransomware blog site**, the best way for a consumer or home user to disable SMBv1 is through the graphical user interface."
** http://www.vinransomware.com/blog/ho...cry-ransomware
15 May 2017 - "... Please note: -Before- proceeding further it is strongly advised to take a backup of the machine because you will in some case might require to change the Windows Registry. If the steps are not carefully followed it might even crash the machine..."
:fear::fear:
-
MS Malware Protection Engine - updated
FYI...
Security Update for MS Malware Protection Engine - Critical
- https://technet.microsoft.com/en-us/...curity/4022344
V1.0 (May 8, 2017): Advisory published.
V1.1 (May 11, 2017): Added link to the same information in the Security Update Guide. This is an informational change only.
V1.2 (May 12, 2017): Added entries into the affected software table. This is an informational change only.
"... For more information on how to manually update the Microsoft Malware Protection Engine and malware definitions, refer to Microsoft Knowledge Base Article 2510781* ..."
> https://nvd.nist.gov/vuln/detail/CVE-2017-0290
Last revised: 05/25/2017
Microsoft Malware Protection Engine deployment info
* https://support.microsoft.com/en-us/...nt-information
> https://www.microsoft.com/en-us/secu.../whatsnew.aspx
> https://www.helpnetsecurity.com/2017...-engine-flaws/
May 30, 2017 - "... security issues have been fixed in version 1.1.13804.0 of the Microsoft Malware Protection Engine. The newest version of the engine is usually automatically downloaded and implemented by the security software that uses it... to verify whether the latest version of the MMPE and definition updates are being actively downloaded and installed for their Microsoft antimalware products can do so by clicking on the software’s Help tab, then choosing the 'About [that specific software]' option..."
- http://www.securitytracker.com/id/1038571
CVE Reference: CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, CVE-2017-8538, CVE-2017-8539, CVE-2017-8540, CVE-2017-8541, CVE-2017-8542
May 26 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 1.1.13704.0 and prior ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code with LocalSystem privileges on the target system.
A local user can prevent the target Microsoft Malware Protection Engine from monitoring the target system. A service restart is required to return the system to normal operations.
Solution: The vendor has issued a fix (1.1.13804.0)...
- http://www.securitytracker.com/id/1038572
- http://www.securitytracker.com/id/1038573
- http://www.securitytracker.com/id/1038574
:fear::fear:
-
MS Security Updates - June 2017
FYI...
MS Security Updates - June 2017
- https://portal.msrc.microsoft.com/en...urity-guidance
June 13, 2017
> https://portal.msrc.microsoft.com/en...idance/summary
Total items: 85 [June 14, 2017] / Total items: 88 [June 22, 2017] / Total items: 89 [June 23, 2017]
- https://portal.msrc.microsoft.com/en...b-000d3a32fc99
June 13, 2017 - "The June security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Silverlight
Skype for Business and Lync
Adobe Flash Player ..."
June 2017 security update release
- https://blogs.technet.microsoft.com/...pdate-release/
June 13, 2017
MS Security Advisory 4025685
Guidance related to June 2017 security update release
- https://technet.microsoft.com/librar...y/4025685.aspx
June 13, 2017
- http://www.securitytracker.com/id/1038667
CVE Reference: CVE-2017-8543
Jun 13 2017
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 7 SP1, 2008 R2 SP1, 2008 SP2, 2012, 8.1, 2012 R2, RT 8.1, 10, 10 Version 1511, 2016, 10 Version 1607, 10 Version 1703
Description: A vulnerability was reported in Windows Search. A remote user can execute arbitrary code on the target system.
A remote user can send specially crafted SMB data to trigger an object memory handling error in Windows Search and execute arbitrary code on the target system.
Impact: A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued a fix.
- https://portal.msrc.microsoft.com/en.../CVE-2017-8543
___
June 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
June 9, 2017 - "... This month, there are 51 security updates and 27 non-security updates. All of the security and non-security updates are listed in KB article 4023935*.
A new version of Office 2013 Click-To-Run is available: 15.0.4937.1000
A new version of Office 2010 Click-To-Run is available: 14.0.7182.5000"
* https://support.microsoft.com/en-us/...crosoft-office
Last Review: Jun 13, 2017 - Rev: 9
___
Additional references:
- http://www.securitytracker.com/id/1038659
- http://www.securitytracker.com/id/1038661
- http://www.securitytracker.com/id/1038662
- http://www.securitytracker.com/id/1038663
- http://www.securitytracker.com/id/1038664
- http://www.securitytracker.com/id/1038666
- http://www.securitytracker.com/id/1038667
- http://www.securitytracker.com/id/1038668
- http://www.securitytracker.com/id/1038669
- http://www.securitytracker.com/id/1038670
- http://www.securitytracker.com/id/1038671
- http://www.securitytracker.com/id/1038673
- http://www.securitytracker.com/id/1038674
- http://www.securitytracker.com/id/1038675
- http://www.securitytracker.com/id/1038676
- http://www.securitytracker.com/id/1038678
- http://www.securitytracker.com/id/1038680
- http://www.securitytracker.com/id/1038701
- http://www.securitytracker.com/id/1038702
Jun 15 2017
___
ghacks Analysis:
- https://www.ghacks.net/2017/06/13/mi...-2017-release/
June 13, 2017 - Microsoft Security Patches for June 2017 - [See 'Executive Summary']
- https://www.thezdi.com/blog/2017/6/1...-update-review
June 13, 2017 - [Scroll down to: 'Microsoft Patches for June 2017']
Qualys Analysis:
- https://blog.qualys.com/laws-of-vuln...ve-june-update
June 13, 2017 - "Today Microsoft released patches to fix 94 vulnerabilities out of which 27 fix remote code execution issues which can allow an attackers to remotely take control of victim machines. This is a massive update and fixes more than double the number of vulnerabilities as compared to the last two months... Overall its a large security update which is almost double as compared to last two months in the number of patched vulnerabilities. Actively exploited SMB issue CVE-2017-8543* and other Font, Outlook, Office, Edge and IE issues are sure to keep system administrators and security teams busy."
* https://portal.msrc.microsoft.com/en.../CVE-2017-8543
___
- https://www.us-cert.gov/ncas/current...curity-Updates
June 13, 2017
:fear::fear::fear:
-
MS Security Advisories 4025685, 4021558
FYI...
MS Security Advisory 4025685: Guidance for older platforms
- https://support.microsoft.com/en-in/...lder-platforms
Last Review: 19-Jun-2017 - Rev: 26
___
Cumulative security update for Internet Explorer
- https://support.microsoft.com/en-us/...r-june-13-2017
Last Review: Jun 23, 2017 - Rev: 5
"... Known issues in this security update:
When you print a specific iframe or frame in a web page, the print output may be blank, or text is printed that resembles the following:
404 – Not Found
(A frame is a part of a web page or browser window that displays content independent of its container. A frame can load content independently.)
This problem has also been observed in both Internet Explorer 11, and in applications that host the IE Web Browser Control.
There is currently no workaround for this issue. However, if you print the entire web page, it will print correctly.
Microsoft is researching this problem and will post more information in this article when the information becomes available."
___
Description of the security update for Outlook 2010
- https://support.microsoft.com/en-us/...010june13,2017
Last Review: Jun 20, 2017 - Rev: 19
"... Known issues in this security update: ..."
:fear::fear:
-
June 2017 Security Updates - 'Known Issues'
FYI...
June 2017 Security Updates
> https://portal.msrc.microsoft.com/en...b-000d3a32fc99
See: "... Known Issues..." ref. KB numbers listed
Jun 23, 2017
___
CVE-2017-8558 | MS Malware Protection Engine Remote Code Execution Vuln
- https://portal.msrc.microsoft.com/en.../CVE-2017-8558
6/23/2017
- http://www.securitytracker.com/id/1038783
CVE Reference: CVE-2017-8558
Jun 23 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): Microsoft Malware Protection Engine 1.1.13804.0 and prior ...
The following product versions are affected:
Microsoft Endpoint Protection
Microsoft Forefront Endpoint Protection
Microsoft Forefront Endpoint Protection 2010
Windows Intune Endpoint Protection ...
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13903.0)...
- http://www.securitytracker.com/id/1038784
CVE Reference: CVE-2017-8558
Jun 23 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): Microsoft Malware Protection Engine 1.1.13804.0 and prior ...
Microsoft Security Essentials is also affected...
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13903.0)...
CVE-2017-8529 | MS Browser Information Disclosure Vuln
- https://portal.msrc.microsoft.com/en.../CVE-2017-8529
Last Updated: 06/22/2017
v3.0 - 06/22/2017: Microsoft is announcing the release of update 4032782 for Internet Explorer 11 on Windows 7, Windows Server 2008 R2, Windows 8.1, and Windows Server 2012 R2 to address a known issue customers may experience when printing from Internet Explorer. Only customers who are experiencing print issues after installing Internet Explorer Cumulative update 4021558 should install update 4032782 because update 4032782 addresses the known issue by removing the protection from CVE-2017-8529. The update is available via the Microsoft Update Catalog only.
___
- http://windowssecrets.com/windows-se...rom-last-week/
June 22, 2017 - "... known issues have been documented... Office known issues... there will be an update expected on June 27th fixing the issue..."
:fear::fear::fear:
-
MS releases - 6.27-28.2017
FYI...
Security Update Summary
> https://portal.msrc.microsoft.com/en...idance/summary
See -all- KB's dated 06/28/2017
___
June 27, 2017, update for Outlook 2010 (KB3015545)
- https://support.microsoft.com/en-us/...2010-kb3015545
Last Review: Jun 28, 2017 - Rev. 14
Last Review: Jun 28, 2017 - Rev: 20
June 27, 2017, update for Outlook 2013 (KB3191849)
- https://support.microsoft.com/en-us/...2013-kb3191849
Last Review: Jun 27, 2017 - Rev: 13
Last Review: Jun 30, 2017 - Rev: 16
___
New ransomware, old techniques: Petya adds worm capabilities
- https://blogs.technet.microsoft.com/...-capabilities/
June 27, 2017
Update on Petya malware attacks
- https://blogs.technet.microsoft.com/...lware-attacks/
June 28, 2017
- https://www.us-cert.gov/ncas/alerts/TA17-181A
July 01, 2017 - "... Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable... US-CERT received a sample of this Petya ransomware variant and performed a detailed malware analysis. The team found that this Petya variant encrypts the victim’s files with a dynamically generated, 128-bit key and creates a unique ID of the victim. However, there is no evidence of a relationship between the encryption key and the victim’s ID, which means it may not be possible for the attacker to decrypt the victim’s files even if the ransom is paid..."
___
- https://www.catalog.update.microsoft...px?q=KB4022716
2017-06 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4022716)
Last Modified: 6/28/2017
- https://support.microsoft.com/en-us/...date-kb4022716
Last Review: Jun 27, 2017 - Rev: 25
___
- https://www.catalog.update.microsoft...px?q=KB4022723
2017-06 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4022723)
2017-06 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4022723)
2017-06 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4022723)
- https://support.microsoft.com/en-us/...date-kb4022723
Last Review: Jun 27, 2017 - Rev: 29
Last Review: Jun 29, 2017 - Rev: 36
___
- https://www.catalog.update.microsoft...px?q=KB4032693
2017-06 Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4032693)
Last Modified: 6/26/2017
2017-06 Cumulative Update for Windows 10 Version 1511 for x86-based Systems (KB4032693)
Last Modified: 6/26/2017
- https://support.microsoft.com/en-us/...date-kb4032693
Last Review: Jun 27, 2017 - Rev: 12
Last Review: Jun 29, 2017 - Rev: 19
> https://www.neowin.net/news/windows-...eres-whats-new
Jun 27, 2017 [More detail...]
:fear::fear::fear:
-
Outlook 2010 - KB3015545 / Win7 SP1 - KB4022719 Monthly Rollup
FYI...
Outlook 2010 (KB3015545)...
- https://support.microsoft.com/en-us/...2010-kb3015545
Last Review: Jun 28, 2017 - Rev: 20
"... Note: A new update for 32-bit Outlook 2010 is under development and will be posted in this article when it becomes available. The original download package for the 32-bit version was removed from the Download Center after a problem was discovered that could cause Outlook to crash when you preview messages that have attachments. If you already downloaded and installed the 32-bit update, we recommend that you remove it until a new version is available..."
___
Windows 7 SP1 and Windows Server 2008 R2 SP1 - KB4022719 (Monthly Rollup)
- https://support.microsoft.com/en-us/...date-kb4022719
Last Review: Jun 27, 2017 - Rev: 41
MS Security Update Summary
> https://portal.msrc.microsoft.com/en...idance/summary
Latest dated 06/28/2017 as of date/time of this post.
:fear::fear:
-
MS Security Updates - July 2017
FYI...
MS Security Updates - July 2017
- https://portal.msrc.microsoft.com/en...urity-guidance
[Total items: 989] [Page: 1/10] - 7/11/2017
MS Security Update Summary
> https://portal.msrc.microsoft.com/en...idance/summary
Total items: 63 - 7/11/2017
> https://blogs.technet.microsoft.com/...pdate-release/
July 11, 2017 - "Today, we released security updates to provide additional protections against malicious attackers..."
Release Notes - July 2017 Security Updates
- https://portal.msrc.microsoft.com/en...c-000d3a32fc99
July 11, 2017 - "The July security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
.NET Framework
Adobe Flash Player
Microsoft Exchange Server..."
___
MS Office updates
> https://blogs.technet.microsoft.com/...pdate-release/
July 11, 2017 - "... This month, there are -17- security updates and 30 non-security updates. All of the security and non-security updates are listed in KB article 4033107*..."
* - https://support.microsoft.com/en-us/...crosoft-office
Last Review: Jul 11, 2017 - Rev: 12
"... Microsoft released the following security and nonsecurity updates. These monthly updates are intended to help our customers keep their computers up-to-date. We recommend that you install all updates that apply to you..."
Office 2016, Office 2013, Office 2010, Office 2007
___
Additional information/reference:
- http://www.securitytracker.com/id/1038848
- http://www.securitytracker.com/id/1038849
- http://www.securitytracker.com/id/1038850
- http://www.securitytracker.com/id/1038851
- http://www.securitytracker.com/id/1038852
- http://www.securitytracker.com/id/1038853
- http://www.securitytracker.com/id/1038854
- http://www.securitytracker.com/id/1038855
- http://www.securitytracker.com/id/1038856
- http://www.securitytracker.com/id/1038857
- http://www.securitytracker.com/id/1038858
- http://www.securitytracker.com/id/1038859
- http://www.securitytracker.com/id/1038860
- http://www.securitytracker.com/id/1038861
- http://www.securitytracker.com/id/1038862
- http://www.securitytracker.com/id/1038863
- http://www.securitytracker.com/id/1038864
- http://www.securitytracker.com/id/1038865
- http://www.securitytracker.com/id/1038866
___
ghacks.net:
- https://www.ghacks.net/2017/07/11/mi...-2017-release/
July 11, 2017 - "... Executive Summary:
Microsoft released security updates for all client and server versions of Windows that the company supports.
All operating systems are affected by critical vulnerabilities.
Security updates have been released for other Microsoft products as well including Microsoft Office, Microsoft Edge, and Internet Explorer.
Windows 10 version 1507 won't receive security updates anymore.
Operating System Distribution:
Windows 7: 22 vulnerabilities of which 2 are rated critical, 19 important, and 1 moderate
Windows 8.1: 24 vulnerabilities of which 2 are rated critical, 21 important, and 1 moderate
Windows RT 8.1: 21 vulnerabilities of which 2 are rated critical, and 21 important
Windows 10 version 1703: 27 vulnerabilities of which 2 are rated critical, 23 important and 1 moderate ..."
(More at the ghacks URL above.)
___
- https://www.thezdi.com/blog/2017/7/1...-update-review
July 11, 2017 - "... 57 security patches impacting Windows, Internet Explorer, Edge, Office, SharePoint, .NET Framework, Exchange, and Hololens... some of these vulns were first disclosed to Microsoft during the most recent Pwn2Own competition back in March... all affected vendors were able to produce patches within 120 days... A few of the CVEs addressed by Microsoft this month deserve some extra attention..."
CVE-2017-8463 | Windows Explorer Remote Code Execution Vulnerability
Security Vulnerability
- https://portal.msrc.microsoft.com/en.../CVE-2017-8463
7/11/2017
CVE-2017-8584 | HoloLens Remote Code Execution Vulnerability
Security Vulnerability
> https://portal.msrc.microsoft.com/en.../CVE-2017-8584
7/11/2017
___
Qualys analysis: https://blog.qualys.com/laws-of-vuln...-adobe-patches
July 11, 2017 - "Today Microsoft released patches covering 54 vulnerabilities as part of July’s Patch Tuesday, with 26 of them affecting Windows. Patches covering 19 of these vulnerabilities are labeled as Critical, all of which can result in Remote Code execution. According to Microsoft, none of these vulnerabilities are currently being exploited in the wild.
Top priority for patching should go to CVE-2017-8589*, which is a vulnerability in the Windows Search service. This vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. The issue affects Windows Server 2016, 2012, 2008 R2, 2008 as well as desktop systems like Windows 10, 7 and 8.1. While this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya... Today’s release is normal in size, and covers 54 vulnerabilities in Windows, Internet Explorer, Edge, Office, .net Framework, Adobe Flash, and Exchange..."
* https://portal.msrc.microsoft.com/en.../CVE-2017-8589
.
-
Patch Watch: July’s releases fix June’s Issues
FYI...
Patch Watch: July’s releases fix June’s Issues
> http://windowssecrets.com/windows-se...-junes-issues/
July 13, 2017
"... Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply."
___
> https://www.askwoody.com/
"Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."
:fear::fear::fear:
-
MS yanks bad Outlook patches...
FYI...
Outlook 2010 (KB4011042)
- https://support.microsoft.com/en-us/...2010-kb4011042
Last Review: Jul 11, 2017 - Rev: 17
"Notice: Update 4011042 for Microsoft Outlook 2010 that was released on July 5, 2017, is not currently available. This article will be updated as soon as the update is available again..."
Outlook 2013 (KB3191849)
- https://support.microsoft.com/en-us/...2013-kb3191849
Last Review: Jul 11, 2017 - Rev: 19
"Notice: Update 3191849 for Microsoft Outlook 2013 that was released on June 27, 2017, is not currently available. This article will be updated as soon as the update is available again..."
Outlook 2016 (KB3213654)
- https://support.microsoft.com/en-us/...2016-kb3213654
Last Review: Jul 11, 2017 - Rev: 21
"Notice: Update 3213654 for Microsoft Outlook 2016 that was released on June 30, 2017, is not currently available. This article will be updated as soon as the update is available again..."
... as of July 17, 2017
___
Win7 SP1 and Windows Server 2008 R2 SP1
... 2017 July monthly rollup
- https://support.microsoft.com/en-us/...date-kb4025341
Last Review: Jul 14, 2017 - Rev: -40-
___
- https://www.askwoody.com/2017/micros...213654-401042/
July 15, 2017
- http://www.computerworld.com/article...54-401042.html
July 15, 2017 - "... earlier versions of the bad patches-of-patches had a nasty habit of crashing Outlook."
___
Win10: https://blogs.msmvps.com/bradley/201...s-another-way/
July 17, 2017 - "Next way to get 1703 on systems – again go back to that download page:
- https://www.microsoft.com/en-us/soft...load/windows10
and use the download tool to make the iso/media. Park the iso on a network share and expand it out.
Next use the command switches noted in this blog post:
– https://blogs.technet.microsoft.com/...line-switches/
Specifically you want to ensure that you do -not- trigger a 'clean install' but an upgrade."
Tracking known issues with Win10 1703:
> https://techcommunity.microsoft.com/...703/td-p/67122
:fear::fear::fear:
-
MS Office Outlook updates - 7.27.2017
FYI...
New updates are available for Outlook
- https://blogs.technet.microsoft.com/...e-for-outlook/
July 27, 2017 - "We released security updates for Outlook today. See the following KB articles for more information:
- https://support.microsoft.com/en-us/help/4011052
- https://support.microsoft.com/en-us/help/4011078
- https://support.microsoft.com/en-us/help/2956078
- https://support.microsoft.com/en-us/help/3213643
A new version of Office 2013 Click-To-Run is available: 15.0.4953.1001
A new version of Office 2010 Click-To-Run is available: 14.0.7187.5000"
___
CVE-2017-8572 | Microsoft Office Outlook Information Disclosure Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en.../CVE-2017-8572
07/27/2017
- http://www.securitytracker.com/id/1039010
CVE Reference: CVE-2017-8572
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix...
___
CVE-2017-8663 | Microsoft Office Outlook Memory Corruption Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en.../CVE-2017-8663
07/27/2017
- http://www.securitytracker.com/id/1039011
CVE Reference: CVE-2017-8663
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix...
___
CVE-2017-8571 | Microsoft Office Outlook Security Feature Bypass Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en.../CVE-2017-8571
07/27/2017
- http://www.securitytracker.com/id/1039012
CVE Reference: CVE-2017-8571
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can create a file that, when loaded and interacted with by the target user, will execute arbitrary commands on the target user's system.
Solution: The vendor has issued a fix...
___
Description of the security update for Outlook 2007
- https://support.microsoft.com/en-us/...7-july-27-2017
Last Review: Jul 27, 2017 - Rev: 15
Description of the security update for Outlook 2010
- https://support.microsoft.com/en-us/...0-july-27-2017
Last Review: Jul 27, 2017 - Rev: 14
Description of the security update for Outlook 2013
- https://support.microsoft.com/en-us/...3-july-27-2017
Last Review: Jul 27, 2017 - Rev: 18
Description of the security update for Outlook 2016
- https://support.microsoft.com/en-us/...6-july-27-2017
Last Review: Jul 27, 2017 - Rev: 15
___
MS Security Update Summary
- https://portal.msrc.microsoft.com/en...idance/summary
Latest dated: 7/27/2017 - Total items: 68
___
> http://www.computerworld.com/article...rity-bugs.html
Jul 27, 2017
:fear::fear::fear:
-
Microsoft Security Updates for August, 2017
Security Update Summary
https://portal.msrc.microsoft.com/en...idance/summary
The August 2017 Security Update Review
August 08, 2017 | Dustin Childs
"For this month, Adobe released two Critical-rated updates for Adobe Flash, Digital Edition, and Reader, and one Important-rated update for Adobe Experience Manager."
"Microsoft released 48 security patches for August covering Windows, Internet Explorer (IE), Edge, the subsystem for Linux, Kernel, SharePoint, SQL Server, and Hyper-V. Of these 48 CVEs, 25 are listed as Critical, 21 are rated Important, and two are Moderate in severity. A total of seven of these CVEs came through the ZDI program. Two of these bugs are listed as publically known prior to release, with one bug listed as having publicly available PoC."
https://www.zerodayinitiative.com/bl...-update-review
-
Win7 August 2017 patches - bugzz
FYI...
Win7 August 2017 patches - bugzz
- http://computerworld.com/article/321...-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."
* https://support.microsoft.com/en-us/...date-kb4034664
Last Review: Aug 9, 2017 - Rev: 21
Last Review: Aug 16, 2017 - Rev: 23
Last Review: Aug 18, 2017 - Rev: 25
Last Review: Aug 25, 2017 - Rev: 26
** https://support.microsoft.com/en-us/...date-kb4034679
Last Review: Aug 9, 2017 - Rev: 23
Last Review: Aug 16, 2017 - Rev: 27
Last Review: Aug 18, 2017 - Rev: 28
Last Review: Aug 25, 2017 - Rev: 29
- https://www.askwoody.com/2017/micros...ering-problem/
Aug 26, 2017
:fear::fear: :sad:
-
Patch Watch: August’s 'Follow-Up' Fixes
FYI...
Win7 August 2017 patches - bugzz
- http://computerworld.com/article/321...-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."
* https://support.microsoft.com/en-us/...date-kb4034664
Last Review: Aug 9, 2017 - Rev: 21
Last Review: Aug 16, 2017 - Rev: 23
Last Review: Aug 18, 2017 - Rev: 25
Last Review: Aug 25, 2017 - Rev: 26
Last Review: Aug 29, 2017 - Rev: 27
Last Review: Aug 30, 2017 - Rev: 29
** https://support.microsoft.com/en-us/...date-kb4034679
Last Review: Aug 9, 2017 - Rev: 23
Last Review: Aug 16, 2017 - Rev: 27
Last Review: Aug 18, 2017 - Rev: 28
Last Review: Aug 25, 2017 - Rev: 29
Last Review: Aug 29, 2017 - Rev: 30
Last Review: Aug 30, 2017 - Rev: 31
- https://www.askwoody.com/2017/micros...ering-problem/
Aug 26, 2017
___
Patch Watch: August’s Follow-Up Fixes
> http://windowssecrets.com/windows-se...llow-up-fixes/
Aug 22, 2017 - "I have a phrase I often use with technology: Keep the children on the playground the same age. This means -not- mixing older-and-younger groups; they have different skill levels and abilities. The same goes for .NET 4.7, applications and Windows 7. If you dig into various locations on the web you will see post install side effects such as the following:
Impacting Autocad and earlier versions as noted in a forum[1]
1] https://www.cadnauseam.com/2017/07/1...ocad-pre-2017/
.NET 4.7 crashing Quickbooks as noted on a blog[2]
2] http://www.intuitiveaccountant.com/g.../#.WZO9HLpFw2w
Possible issues with Arcgis Pro[3]
3] https://geonet.esri.com/thread/19626...aks-arcgis-pro
May have issues with touchscreen inputs as notes in this post[4]
4] https://www.reddit.com/r/sysadmin/co...dp&sh=376b604f
Techsmith Snagit impact with .NET 4.7 as noted in this forum[5]
5] https://www.reddit.com/r/sysadmin/co...dp&sh=376b604f
I’ll be investigating and see if the 4.7 update is the trigger for these issues but in the meantime if you are impacted and want to block .NET 4.7 you can use a registry key as noted on the Ghacks site.[6]
6] https://www.ghacks.net/2017/06/12/bl...-installation/
... What to do: Consider -blocking- .NET 4.7 on older operating systems.
Windows 10 1607 Side Effects: The release of 4034658 to Windows 10, version 1607 release had a few noticeable side effects: Naming it wiped-out-your-update-history. As an alternative, to see which quality updates have been applied, you can navigate to the inventory by going to Control Panel -> Programs -> “View Installed Updates.” In addition, the update had additional-side-effects of making any hidden updates pop back up again. So if you hid the 1703 update it -will- offer back up again. Finally in a network setting, WSUS servers will exhibit increased CPU, memory, and network utilization when Windows Update clients perform their first scan after installing KB4034658. Remember this only happens with the KB4034658* for Windows 10 1607 update."
* https://support.microsoft.com/en-hk/help/4034658
Last updated: 11 Aug 2017 - Rev: 21
Last Review: 28 Aug 2017 - Rev: 25
___
Fixes or workarounds for recent issues in Outlook for Windows
- https://support.office.com/en-us/art...3-95a214ac1230
Last updated: Aug 24, 2017
___
Update for Office 2016 (KB4011093)
- https://support.microsoft.com/en-us/...2016-kb4011093
Last Review: Aug 24, 2017 - Rev: 16
Last Review: Sep 1, 2017 - Rev: 20
___
August 25, 2017 — KB4039884
> https://support.microsoft.com/en-us/...date-kb4039884
Last Review: Aug 25, 2017 - Rev: 33
Last Review: Aug 30, 2017 - Rev: 34 - "This update addresses an issue where UI elements, including menu bars, are missing from Windows and Java applications running on computers with multiple monitors (multimon). The issue affects console and Remote Desktop logons when the main monitor is -not- in the top left area of the monitor layout in Control Panel. Applications may also stop responding or not work properly when moved between monitors. This issue impacts the following releases:
2017-08 Monthly Rollup - KB4034664
2017-08 Security-only update - KB4034679
2017-08 Preview of Monthly Rollup - KB4034670
Before you install this update, you must install KB4034664 or KB4034679, and then apply this update... Microsoft is working on a resolution and will provide an update in an upcoming release..."
"... If you have problems with a Windows 7 second monitor after installing this month’s KB 4034664, there’s a new manual-install-only fix. But it’s buggy, too"
>> http://www.computerworld.com/article...b-4039884.html
Aug 28, 2017
:fear::fear::fear:
-
MS patch alert - Outstanding problems with recent updates
FYI...
MS patch alert: Outstanding problems with recent updates
... Long list of -unresolved- issues
- https://www.computerworld.com/articl...t-updates.html
Aug 31, 2017 - "... Recommendation: Hold off on applying August Windows and Office patches."
:fear::fear::fear:
-
Sep 2017 Non-Security Office Update Release
FYI...
September 2017 Non-Security Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
Sep 5, 2017 - "Listed below are the non-security updates we released on the Download Center and Microsoft Update. See the linked KB articles for more information.
Office 2013
Update for Microsoft Office 2013 (KB3172484)
- https://support.microsoft.com/help/3172484
Update for Microsoft Office 2013 (KB3172512)
- https://support.microsoft.com/help/3172512
Update for Microsoft Office 2013 (KB3203486)
- https://support.microsoft.com/help/3203486
Update for Microsoft Office 2013 (KB3213536)
- https://support.microsoft.com/help/3213536
Update for Microsoft Office 2013 (KB4011087)
- https://support.microsoft.com/help/4011087
Update for Microsoft Office 2013 (KB4011106)
- https://support.microsoft.com/help/4011106
Update for Microsoft Project 2013 (KB4011109)
- https://support.microsoft.com/help/4011109
Update for Microsoft Visio 2013 (KB3191936)
- https://support.microsoft.com/help/3191936
Update for Microsoft Word 2013 (KB4011105)
- https://support.microsoft.com/help/4011105
Office 2016
Update for Microsoft Access 2016 (KB4011032)
- https://support.microsoft.com/help/4011032
Update for Microsoft Office 2016 (KB3191923)
- https://support.microsoft.com/help/3191923
Update for Microsoft Office 2016 (KB3191924)
- https://support.microsoft.com/help/3191924
Update for Microsoft Office 2016 (KB3203478)
- https://support.microsoft.com/help/3203478
Update for Microsoft Office 2016 (KB3203482)
- https://support.microsoft.com/help/3203482
Update for Microsoft Office 2016 (KB4011093)
- https://support.microsoft.com/help/4011093
Update for Microsoft Office 2016 (KB4011099)
- https://support.microsoft.com/help/4011099
Update for Microsoft Office 2016 (KB4011102)
- https://support.microsoft.com/help/4011102
Update for Microsoft Office 2016 Language Interface Pack (KB4011098)
- https://support.microsoft.com/help/4011098
Update for Microsoft OneNote 2016 (KB4011092)
- https://support.microsoft.com/help/4011092
Update for Microsoft Project 2016 (KB4011101)
- https://support.microsoft.com/help/4011101
Update for Microsoft Visio 2016 (KB4011096)
- https://support.microsoft.com/help/4011096
Update for Microsoft Word 2016 (KB4011039)
- https://support.microsoft.com/help/4011039
___
- https://www.computerworld.com/articl...carefully.html
Sep 5, 2017 - "August was a banner month for Windows and Office customers. If I counted correctly, we saw patches on -14- different days last month... current list of outstanding problems... it’s time for you to get the August patches out of the way..."
(More detail at the computerworld URL above.)
:fear::fear:
-
MS Security Updates - Sept 2017
FYI...
- https://blogs.technet.microsoft.com/...pdate-release/
Sep 12, 2017 - "... we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."
- https://portal.msrc.microsoft.com/en...d-000d3a32fc99
Sep 12, 2017 - "The September security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Adobe Flash Player
Skype for Business and Lync
.NET Framework
Microsoft Exchange Server ..."
> https://portal.msrc.microsoft.com/en...idance/summary
Total items: 96 - Page: 1/1
___
Sept 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
Sep 12, 2017 - "... This month, there are -45- security updates and 30 non-security updates. All of the security and non-security updates are listed in KB article 4040279*.
* https://support.microsoft.com/en-us/...crosoft-office
Last Review: Sep 12, 2017 - Rev: 9
A new version of Office 2013 Click-To-Run is available: 15.0.4963.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7188.5002"
___
Description of Software Update Services and Windows Server Update Services changes in content for 2017
- https://support.microsoft.com/en-us/...ces-changes-in
Last Review: Sep 12, 2017 - Rev: 125
___
Additional info:
- http://www.securitytracker.com/id/1039320
- http://www.securitytracker.com/id/1039322
- http://www.securitytracker.com/id/1039323
- http://www.securitytracker.com/id/1039324
- http://www.securitytracker.com/id/1039325
- http://www.securitytracker.com/id/1039326
- http://www.securitytracker.com/id/1039327
- http://www.securitytracker.com/id/1039328
- http://www.securitytracker.com/id/1039329
- http://www.securitytracker.com/id/1039330
- http://www.securitytracker.com/id/1039331
- http://www.securitytracker.com/id/1039333
- http://www.securitytracker.com/id/1039337
- http://www.securitytracker.com/id/1039338
- http://www.securitytracker.com/id/1039339
- http://www.securitytracker.com/id/1039340
- http://www.securitytracker.com/id/1039341
- http://www.securitytracker.com/id/1039342
- http://www.securitytracker.com/id/1039343
- http://www.securitytracker.com/id/1039344
- http://www.securitytracker.com/id/1039352
- http://www.securitytracker.com/id/1039369
___
Qualys analysis: https://blog.qualys.com/laws-of-vuln...-adobe-patches
Sep 12, 2017 - "Today Microsoft released a fairly large batch of patches covering 81 vulnerabilities as part of September’s Patch Tuesday update, with 38 of them impacting Windows. Patches covering -27- of these vulnerabilities are labeled as -Critical- and -39- can result in Remote Code Execution (RCE). According to Microsoft, one vulnerability impacting HoloLens has a public exploit.
Top priority for patching should go to CVE-2017-0161, an RCE vulnerability in NetBIOS that impacts both servers and workstations. For users of Microsoft’s DHCP server, priority should also be given to CVE-2017-8686, especially if using failover mode, due to another potential RCE.
Out of the 26 vulnerabilities that are both Critical and RCE, -22- of them impact Microsoft’s browsers. Many of these vulnerabilities involve the Scripting Engine, which can impact both browsers and Microsoft Office, and should be considered for prioritizing for workstation-type systems that use email and access the internet via a browser. Adobe has also released patches covering 5 critical vulnerabilities, 2 of which are for Flash. The other patches are for Adobe ColdFusion and RoboHelp."
ghacks.net: https://www.ghacks.net/2017/09/12/mi...-2017-release/
Sep 12, 2017 - "... Executive Summary:
Microsoft released security patches for all versions of Windows. Security updates were also released for Internet Explorer, Microsoft Edge, Microsoft Office, Skype for Business and Lync, Microsoft Exchange Server, Adobe Flash Player, and the .Net Framework.
Operating System Distribution:
- Windows 7: 22 vulnerabilities of which 3 are rated critical, 19 important
- Windows 8.1: 26 vulnerabilities of which 4 are rated critical, 22 important
- Windows 10 version 1703: 25 vulnerabilities of which 2 are rated critical, 23 important
Windows Server products:
- Windows Server 2008 R2: 23 vulnerabilities, of which 3 are rated critical, 20 important
- Windows Server 2012 and 2012 R2: 26 vulnerabilities, of which 4 are rated critical 21 important and 1 moderate
- Windows Server 2016: 28 vulnerabilities of which 2 are rated critical, 26 important
Other Microsoft Products:
- Internet Explorer 11: 7 vulnerabilities, 5 critical, 2 important
- Microsoft Edge: 28 vulnerabilities, 19 critical, 7 important, 2 moderate..."
___
- https://www.us-cert.gov/ncas/current...curity-Updates
Sep 12, 2017
:fear::fear:
-
MS Sep 2017 patch issues
FYI...
MS Sep 2017 patch issues
> https://www.askwoody.com/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."
Outlook security patches intentionally break custom forms
> https://www.computerworld.com/articl...tom-forms.html
Sep 19, 2017 - "... Those of you who have installed any of this month’s Outlook security patches:
Outlook 2007 KB 4011086:
> https://support.microsoft.com/en-us/...ptember12-2017
Outlook 2010 KB 4011089:
> https://support.microsoft.com/en-us/...ptember12-2017
Outlook 2013 KB 4011090:
> https://support.microsoft.com/en-us/...ptember12-2017
Outlook 2016 KB 4011091:
> https://support.microsoft.com/en-us/...ptember12-2017
... will have to dive into the Registry if you want to enable any custom form scripts, including the VBScript printing capability. It’s complicated, and the method varies, depending on which version of Office you’re using... Of course, Microsoft didn’t tell us about the change when it released the security patches. To this date, there’s no notice in the associated KB articles either. The change is intended to make it harder for bad guys to break into your computer. That’s a noble goal, but it sure could’ve been communicated in a much better way..."
>> https://www.slipstick.com/outlook/custom-form-security/
Sep 18, 2017
___
Ongoing list of problems with this month’s Win10 Creators Update cumulative update KB 4038788
- https://www.askwoody.com/2017/ongoin...te-kb-4038788/
Sep 19, 2017
> https://support.microsoft.com/en-us/...date-kb4038788
Last Review: Sep 18, 2017 - Rev: 40 - See: "Known issues in this update... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Some OEM factory images causing devices to black screen
- https://support.microsoft.com/en-us/help/4043345
Last Review: Sep 18, 2017 - Rev: 8 - "After installing a Windows Store application update, some users may experience a black screen on their device for 5-10 minutes upon rebooting the OS.
Cause: Some OEM factory images create incorrect registry keys during image creation. These registry keys conflict with the app readiness service. After 5-10 minutes of black screen the user will regain use of their device. This issue is triggered on every reboot.
Resolution: Microsoft is working on a resolution and will provide an update in an upcoming release..."
___
Outlook.com was out for 18 hours in Europe
> https://www.askwoody.com/2017/outloo...urs-in-europe/
Sep 19, 2017
- http://www.reuters.com/article/us-mi...-idUSKCN1BT2FY
Sep 18, 2017
Outlook outage map
>> http://downdetector.co.uk/problems/outlook/map/
Skype messaging and connecting issues
- https://heartbeat.skype.com/2017/09/...onnecting.html
Sep 18, 2017
Report of KB 4038777 breaking activation on Dell machines
- https://www.askwoody.com/2017/report...dell-machines/
Sep 18, 2017
> https://support.microsoft.com/en-us/...date-kb4038777
Last Review: Sep 14, 2017 - Rev: 19
Running a Win10 beta build on a Surface Pro 3? Don’t shut down.
Apparently there was no reboot testing on SP3 with the latest Win10 beta, and the SP3 bricks on reboot. Some SP4 owners have complained, too.
- https://www.computerworld.com/articl...shut-down.html
Sep 18, 2017
Outlook 2007 and 2010 security patches scramble languages, break printing on custom forms
> https://www.askwoody.com/2017/outloo...-custom-forms/
Sep 15, 2017
Outlook 2010 Tower of Babel patch KB 4011089 breaks VBScript print
In the second significant bug in Outlook security patches this month, installing the September Outlook 2010 security patch disables the VBScript print function in custom forms.
> https://www.computerworld.com/articl...ipt-print.html
> https://www.computerworld.com/articl...y-patches.html
Sep 14, 2017
> https://marc.info/?l=patchmanagement&r=1&b=201709&w=2
2017-09-19
>> https://www.ghacks.net/2017/09/16/mi...sues-overview/
2017-09-16 - "... it appears that the updates have caused quite a -large- number of issues that users and administrators experience when they install or try to install these patches..."
___
> https://portal.msrc.microsoft.com/en...sory/ADV170015
Last Updated : 09/19/2017
Description of the security update for Outlook 2007
>> https://support.microsoft.com/en-us/...ptember19-2017
Last Review: Sep 19, 2017 - Rev: 17
> https://www.catalog.update.microsoft...aspx?q=4011110
KB4038803 (Preview of Monthly Rollup)
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/...date-kb4038803
Last Review: Sep 19, 2017 - Rev: 10
___
Cumulative Update 18 for Exchange Server 2013
- https://support.microsoft.com/en-us/...ge-server-2013
Last Review: Sep 19, 2017 - Rev: 9
___
More to come?...
:fear::fear::fear:
-
Outlook 2010, 2013 and 2016 - Email retrieval fails after installing Patch
FYI...
Email retrieval fails after installing Security Patch for Outlook 2010, 2013 and 2016
- https://www.veritas.com/support/en_US/article.000127958
2017-09-20 - "Problem: Users will not be able to retrieve emails after installing the associated Microsoft Outlook Security patch, listed below, released on September 12, 2017.
KB4011089 for Outlook 2010
KB4011090 for Outlook 2013
KB4011091 for Outlook 2016
When this Microsoft Security patch for Outlook is installed on the client, users are unable to access archived emails.Upon double clicking on the shortcut it will open the shortcut only with the banner: "The item has archived by Enterprise vault. Click here to view the original link"
Outlook will become unresponsive, when clicking on the banner.
Cause: These Microsoft Office security updates have disabled scripts for custom forms. Enterprise Vault's archived item shortcuts are custom forms that require scripting for their retrieval functionality.
>> Note: Outlook clients without this patch are not affected..."
Custom form script is now disabled by default
Applies To: Outlook 2016 Outlook 2013 Outlook 2010 Outlook 2007
> https://support.office.com/en-gb/art...c-d7cce0120e94
Last updated: Sep 19, 2017
ISSUE: Custom form script is now disabled by default and requires setting registry keys to re-enable it..."
___
Where we stand with messy September Windows and .NET patches
... Bugs galore — IE won’t start or looks odd, custom controls turn black, Edge goes AWOL — with Windows 10 Creators Update getting more than its fair share.
> https://www.computerworld.com/articl...t-patches.html
Sep 21, 2017
___
Maintaining Windows 10 security tops list of enterprise challenges
- https://www.helpnetsecurity.com/2017...s-10-security/
Sep 21, 2017 - "Companies are experiencing significant challenges in their attempts to keep their endpoints secure. Maintaining Windows 10 security topped the list of challenges with over half of respondents to an Adaptiva survey indicating it can take a -month- or -more- for IT teams to execute Windows OS updates, which ultimately leaves systems vulnerable..."
(More detail at the helpnetsecurity URL above.)
:fear::fear::fear:
-
MS Sept 2017 Windows and Office patches
FYI...
Where we stand with MS Sept 2017 Windows and Office patches ...
- https://www.computerworld.com/articl...e-patches.html
Sep 26, 2017 - "... Recommendations: Assuming you don’t click “Enable Editing” in Word, there are no immediately pressing September patches. I say it’s wise to wait-and-see if any of the outstanding bugs get fixed — and wait to see if the patches-of-patches generate new problems of their own..."
(More detail at the computerworld URL above.)
> https://www.askwoody.com/
Sep 26, 2017 - "... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it..."
:fear::fear::fear:
-
MS Sep 2017 - patch status ...
FYI...
It’s time to install the September patches for Windows and Office
... The September patches were problematic — a couple of them got pulled, a couple more replaced — but most of the bugs are now reasonably well known and understood
- https://www.computerworld.com/articl...nd-office.html
Sep 29, 2017 11:31 AM PT
(Many details at the computerworld URL above.)
> https://www.askwoody.com/
Sep 30, 2017 at 12:09 - "Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems."
> https://www.askwoody.com/2017/work-i...askwoody-site/
- https://twitter.com/woodyleonhard/st...35736215105536
7:31 AM - 30 Sep 2017 - "... AskWoody.com is under attack, going up and down, mostly down. We're working on it..."
- https://www.facebook.com/WoodyOnWindows/
:fear::fear::fear:
-
Turn MS 'Auto Update' off ...
FYI...
Check to see that MS 'Auto Update' is turned off
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it...
- https://askwoody.com/2017/ms-defcon-...is-turned-off/
Oct 10, 2017 - "... a slew of patches waiting, for a dozen different platforms, including all versions of Windows (even RT 8.1!), Office, IE, Skype and more..."
... delay Automatic Update at least a few days, until the bugs have shaken out...
> https://www.computerworld.com/articl...re-coming.html
Oct 10, 2017 - "If you’re running Windows, do yourself a favor and put Automatic Update on a temporary hold..."
:fear::fear:
-
MS Security Updates - Oct 2017
FYI...
October 2017 security update release
- https://blogs.technet.microsoft.com/...pdate-release/
Oct 10, 2017 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."
- https://portal.msrc.microsoft.com/en...2-000d3a32fc99
Oct 10, 2017 - "The October security release consists of security updates for the following software:
• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft Office and Microsoft Office Services and Web Apps
• Skype for Business and Lync
• Chakra Core ...
Known issues:
- https://support.microsoft.com/en-us/help/4041691
- https://support.microsoft.com/en-us/help/4042895
- https://support.microsoft.com/en-us/help/4041676
- https://support.microsoft.com/en-us/help/4041681
"... Microsoft is working on a resolution and will provide an update in an upcoming release."
Security Update Summary
> https://portal.msrc.microsoft.com/en...idance/summary
10/10/2017
___
October 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
Oct 10, 2017 - "... This month, there are 26 security updates and 27 non-security updates. All of the security and non-security updates are listed in KB article 4043461*.
A new version of Office 2013 Click-To-Run is available: 15.0.4971.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7189.5001
* https://support.microsoft.com/en-us/...crosoft-office
Last Review: Oct 10, 2017 - Rev: 10
___
Additional information:
- http://www.securitytracker.com/id/1039526
- http://www.securitytracker.com/id/1039527
- http://www.securitytracker.com/id/1039528
- http://www.securitytracker.com/id/1039529
- http://www.securitytracker.com/id/1039530
- http://www.securitytracker.com/id/1039532
- http://www.securitytracker.com/id/1039533
- http://www.securitytracker.com/id/1039534
- http://www.securitytracker.com/id/1039535
- http://www.securitytracker.com/id/1039536
- http://www.securitytracker.com/id/1039537
- http://www.securitytracker.com/id/1039538
- http://www.securitytracker.com/id/1039539
- http://www.securitytracker.com/id/1039540
- http://www.securitytracker.com/id/1039541
- http://www.securitytracker.com/id/1039542
___
ghacks.net: https://www.ghacks.net/2017/10/10/mi...-2017-release/
Oct 10, 2017 - "... Our monthly series provides you with information on Microsoft's Patch Day. It features an overview of all security and non-security updates that Microsoft released since the last Patch day in September 2017. The monthly guide lists how different versions of Windows -- client and server -- and Microsoft's browsers Edge and Internet Explorer are affected. It features links to resources, direct download links for cumulative Windows updates, new and updated security advisories, and information on how to download the updates to Windows machines...
Windows 7: 20 vulnerabilities of which 5 are rated critical, 15 important
Windows 8.1: 23 vulnerabilities of which 6 are rated critical, 17 important
Windows 10 version 1607: 29 vulnerabilities, 6 critical, 23 important
Windows 10 version 1703: 29 vulnerabilities of which 6 are rated critical, 23 important ..."
(More detail at the URL above.)
Qualys analysis: https://blog.qualys.com/laws-of-vuln...ulnerabilities
Oct 10, 2017 - "Today Microsoft released patches covering 62 vulnerabilities as part of August’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in Microsoft Office is being actively exploited in the wild. Top priority for patching should go to a vulnerability in Microsoft Office, CVE-2017-11826, which Microsoft has ranked as “Important” is actively being exploited in the wild.
Priority should also be given to CVE-2017-11771, which is a vulnerability in the Windows Search service. This is the fourth Patch Tuesday this year to feature a vulnerability in this service. As with the others, this vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. While an exploit against this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya.
Also of note are two vulnerabilities in the Windows font library, CVE-2017-11762 and CVE-2017-11763, that can be exploited through a browser or malicious file, as well as a vulnerability in DNSAPI, CVE-2017-11779, that could allow a malicious DNS server to execute code on a client system.
A vulnerability in certain TPM chips is addressed by ADV170012. This vulnerability is in the TPM chip itself, and not in Windows, but could result in weak cryptographic keys. These keys are used for BitLocker, Biometric auth, and other areas of Windows. The updates provide a workaround for the weak keys leveraging additional logging and an option to use software-derived keys. Full remediation requires a firmware update from the device manufacturer.
As with several of the last Patch Tuesdays, the majority of the vulnerabilities in this month’s release involve the Scripting Engine, which can impact both browsers and Microsoft Office, and should be considered for prioritizing for workstation-type systems that use email and access the internet via a browser..."
___
- https://www.us-cert.gov/ncas/current...curity-Updates
Oct 10, 2017
:fear::fear::fear:
-
Microsoft 'Patch Tuesday' problems
FYI...
Microsoft 'Patch Tuesday' problems ...
... It's been less than a day since the Patch Tuesday patches rolled out, and we're already seeing lots of complaints – and a few unexpected explanations
- https://www.computerworld.com/articl...-problems.html
Oct 11, 2017
... Every version of Windows gets patched, as well as Edge, IE, Skype for Business and Office. Pay special attention to the Word zero-day, the DNS security problem, and the TPM patching madness....
- https://www.computerworld.com/articl...eral-bugs.html
Oct 10, 2017
___
Microsoft patch problems persist...
... Blue screens, bungled releases, stealthy .NET upgrades, CRM blocks and complex manual fixes
- https://www.computerworld.com/articl...-and-more.html
Oct 12, 2017
:fear::fear::fear:
-
MS Oct 2017- known issues
FYI...
Microsoft Dynamics 365 for Outlook is unable to render webpages after installing the October 2017 Microsoft Outlook security update
- https://support.microsoft.com/en-us/...webpages-after
Last Review: Oct 13, 2017 - Rev: 5
Fixes or workarounds for recent issues in Outlook for Windows
Applies To: Outlook 2016 Outlook 2013
- https://support.office.com/en-us/art...rs=en-US&ad=US
Last updated: October 2017
___
- https://askwoody.com/ms-defcon-system/
"... Current Microsoft patches are causing havoc. Don’t patch."
... Blue screens, bungled releases, stealthy .NET upgrades, CRM blocks and complex manual fixes
- https://www.computerworld.com/articl...-and-more.html
Oct 12, 2017
___
> https://askwoody.com/2017/ms-defcon-...tes-and-krack/
Oct 17, 2017 - "... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."
Excel, Access, external DB driver errors linked to this month’s patches
... If you’re seeing new “Unexpected error from external database driver” error messages, chances are good you recently installed KB 4041681 (Win7), KB4041676 (Win10 1703), or any of this month's Windows security patches
- https://www.computerworld.com/articl...s-patches.html
Oct 17, 2017
___
Windows 7 SP1 and Windows Server 2008 R2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/...date-kb4041681
Oct 17, 2017 - "... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 17
Windows 7 SP1 and Windows Server 2008 R2 SP1
October 17, 2017—KB4041686 (Preview of Monthly Rollup)
- https://support.microsoft.com/en-us/...date-kb4041686
"... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 10
___
MS ADV170018 | October Flash Security Update
> https://portal.msrc.microsoft.com/en...sory/ADV170018
10/17/2017
___
Announcing the .NET Framework 4.7.1
- https://blogs.msdn.microsoft.com/dot...amework-4-7-1/
October 17, 2017
Windows 10 release information
- https://technet.microsoft.com/en-us/...ease-info.aspx
Latest revision date - 10/17/2017 - 'Microsoft recommends'
October 17, 2017—KB4043961 (OS Build 16299.19)
Windows 10 Version 1709
- https://support.microsoft.com/en-us/...date-kb4043961
"... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 19
:fear::fear::fear: