Microsoft SMBv1 Vulnerability
FYI...
Microsoft SMBv1 Vulnerability
- https://www.us-cert.gov/ncas/current...-Vulnerability
March 16, 2017 - "Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 (SMBv1). Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletin MS17-010* and apply the update. For more information, see the Information Assurance Advisory** and US-CERT's SMB Security Best Practices guidance***."
* https://technet.microsoft.com/library/security/MS17-010
March 14, 2017
** https://www.iad.gov/iad/library/ia-a...-block-1-0.cfm
16 March 2017
*** https://www.us-cert.gov/ncas/current...Best-Practices
Last revised: March 16, 2017
___
- https://www.us-cert.gov/ncas/current...Best-Practices
Last revised: March 16, 2017 - "In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive information from affected systems. US-CERT recommends that users and administrators consider:
disabling SMBv1 and
blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.
US-CERT cautions users and administrators that disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. The benefits of mitigation should be weighed against potential disruptions to users. For more information on SMB, please review Microsoft Security Advisories 2696547* and 204279**."
* https://support.microsoft.com/en-us/kb/2696547
Feb 28, 2017 - Rev: 23
** https://support.microsoft.com/en-us/kb/204279
Jan 7, 2008 - Rev: 1
:fear::fear:
MS17-014 update - Excel 2010
FYI...
MS17-014: Description of the security update for Excel 2010
- https://support.microsoft.com/en-us/...2010-kb3191855
"... Note: To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer...
Improvements and fixes:
Fixes an issue that causes Excel 2010 to crash when spreadsheets are recalculated. This issue occurs after you install MS17-014: Description of the security update for Excel 2010: March 14, 2017 (KB3178690*)..."
Last Review: Mar 28, 2017 - Rev: 9
* https://support.microsoft.com/en-us/help/3178690
___
- https://blogs.technet.microsoft.com/...or-excel-2010/
Mar 28, 2017
___
KB3178690 causing excel 2010 to crash
- https://answers.microsoft.com/en-us/...4-884b2d7d057b
- https://support.microsoft.com/en-us/...2010-kb3191855
___
> http://windowssecrets.com/patch-watc...t-like-a-lamb/
March 28, 2017
:fear::fear:
Post MS17-006 IE11 install - failure
FYI...
Forms in Dynamics CRM 2011 are broken after KB 4013073 for IE11 is installed
- https://support.microsoft.com/en-us/...fter-kb-401307
"Forms in Microsoft Dynamics CRM 2011 are not displayed correctly after KB 4013073 is installed on a Windows system that is running Internet Explorer 11... To get the stand-alone package for this update, go to the Microsoft Update Catalog website*..."
Last Review: Mar 22, 2017 - Rev: 29
* http://www.catalog.update.microsoft....px?q=kb4016446
MS17-006: Cumulative security update for Internet Explorer: March 14, 2017
- https://support.microsoft.com/en-us/...r-march-14-201
Last Review: Mar 14, 2017 - Rev: 31
___
MS17-006: Security update for IE: Mar 14, 2017
- https://support.microsoft.com/en-us/...-march-14-2017
Last Review: Mar 29, 2017 - Rev: 52
> https://technet.microsoft.com/library/security/MS17-006
:fear::fear:
MS Security Bulletin Summary - April 2017
FYI...
MS Security Update Guide
> https://portal.msrc.microsoft.com/en...urity-guidance
Release Notes
April 2017 Security Updates
> https://portal.msrc.microsoft.com/en...9-000d3a32fc99
April 11, 2017 - "The April security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Visual Studio for Mac
.NET Framework
Silverlight
Adobe Flash Player ..."
> https://portal.msrc.microsoft.com/en...idance/summary
Cumulative security update for Internet Explorer: April 11, 2017
> https://support.microsoft.com/en-us/...-april-11-2017
Last Review: Apr 13, 2017 - Rev: 46
"... Additionally, see Windows 10* and Windows Server 2016 update history for more information on cumulative updates for Windows 10 and Windows Server 2016..."
* https://support.microsoft.com/en-us/...update-history
Last Review: Apr 13, 2017 - Rev: 46
___
April 11, 2017, update for Microsoft Office
- https://support.microsoft.com/en-us/...crosoft-office
Last Review: Apr 13, 2017 - Rev: 10
___
Qualys analysis:
- https://blog.qualys.com/laws-of-vuln...curity-updates
April 11, 2017 - "Today is the first month since 1998 in which Microsoft stopped releasing security bulletins with the familiar MSxx-xxx format and replaced it with the new security update guide:
- https://portal.msrc.microsoft.com/en...urity-guidance
In today’s release Microsoft fixed a total of 45 vulnerabilities that could lead to remote code execution, denial-of-service, elevation of privileges, security feature bypass and spoofing. Top priority goes to the Office and WordPad CVE-2017-0199 which fixed a 0-day vulnerability that is being actively exploited in the wild. Exploitation of this vulnerability requires that a user open or preview a specially crafted file with an affected version of Office or WordPad. Attacker could accomplish this by sending a specially crafted file to the user and then convincing the user to open the file. We recommend administrators patch this as soon as possible..."
(More detail at the qualys URL above.)
ISC analysis:
- https://isc.sans.edu/diary.html?storyid=22286
Apr 11 2017 - "Today on Tuesday 2017-04-11, Microsoft announced its monthly security release (also known as "Patch Tuesday). Reviewing Microsoft's Security Update Guide, it looks like there's 644 updates with 210 of them listed as "Critical" severity..."
(More detail at the ISC URL above.)
'ghacks' analysis:
- https://www.ghacks.net/2017/04/11/mi...-2017-release/
April 11, 2017 - "... marks the end of Windows Vista's extended support phase. Microsoft won't release security updates for Windows Vista officially anymore*...
* https://www.ghacks.net/2017/03/11/re...ds-next-month/
... Executive Summary: Security Bulletins are no longer provided. Microsoft switched the information system to the Security Update Guide fully. The April security update patches issues in all supported versions and editions of Microsoft Windows. Other Microsoft products with patches are Microsoft Edge and Internet Explorer, the .NET Framework, Silverlight, and Microsoft Office.
Operating System Distribution:
Windows Vista: 9 vulnerabilities, 1 critical, 8 important
Windows 7: 9 vulnerabilities, 1 critical, 8 important.
Windows 8.1: 23 vulnerabilities, 4 critical, 19 important.
Windows RT 8.1: 11 vulnerabilities, 1 critical, 10 important.
Windows 10 version 1703: 21 vulnerabilities, 5 critical, 16 important..."
:fear::fear::fear:
MS Security Bulletin Summary for March 2017 - revised
FYI...
Microsoft Security Bulletin Summary for March 2017
Published: March 14, 2017 | Updated: April 11, 2017
> https://technet.microsoft.com/en-us/.../ms17-mar.aspx
V2.0 (April 11, 2017): Bulletin Summary revised to announce the following updates:
For MS17-013, the release of update 4017018 for Windows Vista and Windows Server 2008. The update replaces update 4012583 for CVE-2017-0038 only, to comprehensively address the vulnerability. Microsoft recommends that customers running the affected software install the security update to be fully protected from the vulnerability described in this bulletin. See Microsoft Knowledge Base Article 4017018 for more information.
For MS17-014, to comprehensively address CVE-2017-0027 for Office for Mac 2011 only, Microsoft is releasing security update 3212218. Microsoft recommends that customers running Office for Mac 2011 install update 3212218 to be fully protected from this vulnerability. See Microsoft Knowledge Base Article 3212218 for more information.
For MS17-021, security updates that apply to CVE-2017-0042 for Windows Server 2012 are now available. Customers running Windows Server 2012 should install update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be fully protected from this vulnerability. Customers running other versions of Microsoft Windows do not need to take any further action.
___
- https://www.us-cert.gov/ncas/current...curity-Updates
April 12, 2017 - "Microsoft has released -61- updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread malicious code:
> https://nvd.nist.gov/vuln/detail/CVE-2017-0199
US-CERT encourages users and administrators to review Vulnerability Note #VU921560* and Microsoft's April 2017 Security Update** and apply the necessary updates."
* https://www.kb.cert.org/vuls/id/921560
** https://portal.msrc.microsoft.com/en...9-000d3a32fc99
___
April 2017 Office Update Release
- https://blogs.technet.microsoft.com/...pdate-release/
April 11, 2017 - "The April 2017 Public Update releases for Office are now available! This month, there are -19- security updates and 33 non-security updates. All of the security and non-security updates are listed in KB article 4016803:
- https://support.microsoft.com/en-us/...crosoft-office
A new version of Office 2013 Click-To-Run is available: 15.0.4919.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7180.5002 "
> https://portal.msrc.microsoft.com/en.../CVE-2017-0199
April 11, 2017
- http://www.securitytracker.com/id/1038224
CVE Reference: CVE-2017-0199
Updated: Apr 12 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2016 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix, available at:
- https://catalog.update.microsoft.com...px?q=KB4014793
- https://catalog.update.microsoft.com...px?q=KB4015549
- https://catalog.update.microsoft.com...px?q=KB4015551
- http://www.securitytracker.com/id/1038227
CVE Reference: CVE-2017-0106, CVE-2017-0204
Apr 11 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2016; Outlook for Mac 2011
Impact: A remote user can create an email message that, when loaded or previewed by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix.
The vendor advisories are available at:
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...-april-11-2017
- https://support.microsoft.com/en-us/...11-14-7-3-apri
- https://support.microsoft.com/en-us/...-april-11-2017
:fear::fear::fear:
KB4015549 - Win7/Win Svr 2008
FYI...
April 11, 2017 — KB4015549 (Monthly Rollup)
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/...date-kb4015549
Last Review: Apr 12, 2017 - Rev: 21
"... Known issues in this update:
If the PC uses an AMD Carrizo DDR4 processor, installing this update will -block- downloading and installing future Windows updates. Microsoft is working on a resolution and will provide an update in an upcoming release..."
___
- http://www.infoworld.com/article/318...backfires.html
Apr 13, 2017 - "Microsoft is working on a fix after Tuesday’s Windows 7 and 8.1 security updates misfired on some users, forcibly locking them -out- of future Windows updates.
Microsoft has acknowledged that the updates’ detection mechanism, intended to force users with newer 7th generation processor chips to move to Windows 10, also caught people with 6th generation AMD Carrizo DDR 4 PCs, which -were- explicitly -allowed- under terms of Microsoft’s Lifecycle Policy FAQ. Microsoft admitted erroneously -blocking- Windows Update on -four- different Tuesday patches:
KB 4015549 (the Win7 Monthly Rollup), KB 4015546 (the Win7 Security-Only patch), KB 4015550 (the Win8.1 Monthly Rollup), and KB 4015547 (the Win8.1 Security-Only patch)..."
:fear::fear::fear:
MS - Feedback on the Security Update Guide
FYI...
MS - Feedback on the Security Update Guide
- https://blogs.technet.microsoft.com/...-update-guide/
April 21, 2017 - "The Security Update Guide* has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and implementation of the Security Update Guide. As we completed Preview this month, we want to let you know that we are continuing to listen to your feedback, and are working to enhance your experience... If you have questions about the change, or how to accomplish certain tasks, we have a FAQ**, as well as a TechNet support forum*** for the Security Update Guide. If you have questions about how to use the Security Update Guide or a suggestion to improve it, please post to the forum or (even better) upvote someone else’s suggestion if you also like it. We are listening."
* https://portal.msrc.microsoft.com/en...urity-guidance
FAQ: ** https://technet.microsoft.com/en-us/security/mt791750
Forum: *** https://social.technet.microsoft.com...ityupdateguide
___
Why is Intel allowing this?
- https://software.intel.com/en-us/for...s/topic/731318
4/14/2017
:blink: :confused:
MS Ending Security Updates for Win10 v1507
FYI...
MS Ending Security Updates for Windows 10 version 1507
- https://www.us-cert.gov/ncas/current...0-version-1507
May 04, 2017 - "After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates. US-CERT encourages users and administrators to review Microsoft's Windows 10 version 1507 post* for more information and to apply necessary updates."
* https://support.microsoft.com/en-us/...curity-updates
Last Review: Apr 12, 2017 - Rev: 17
"... Microsoft recommends visiting the Software Download site** and selecting 'Update now' to manually update your device..."
** https://www.microsoft.com/software-download/windows10
___
Outlook 2010 (KB3191906)
- https://support.microsoft.com/en-us/...2010-kb3191906
Article ID: 3191906 - Last Review: May 2, 2017 - Rev: 11
"... Fixes the following issue: When you add attachments to a saved email message and then send the email message in Outlook 2010, the attachments are missing, corrupted or duplicated..."
> https://www.catalog.update.microsoft...aspx?q=3191906
Office 2010 (KB3128031)
- https://support.microsoft.com/en-us/...2010-kb3128031
Article ID: 3128031 - Last Review: May 2, 2017 - Rev: 9
"... Improvements and fixes: Improves the robustness to make sure that the stability of Office 2010 applications in certain scenarios..."
> https://www.catalog.update.microsoft...aspx?q=3128031
:fear::fear: