Microsoft Security Updates: October 2017

File Attachment: October-2017 Updates

Microsoft has released patches covering 62 vulnerabilities as part of October’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in Microsoft Office is being actively exploited in the wild.

Top priority for patching should go to a vulnerability in Microsoft Office, CVE-2017-11826, which Microsoft has ranked as “Important” and is actively being exploited in the wild.

Priority should also be given to CVE-2017-11771, which is a vulnerability in the Windows Search service. This is the fourth Patch Tuesday this year to feature a vulnerability in this service. As with the others, this vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. While an exploit against this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya.

Also of note are two vulnerabilities in the Windows font library, CVE-2017-11762 and CVE-2017-11763, that can be exploited through a browser or malicious file, as well as a vulnerability in DNSAPI, CVE-2017-11779, that could allow a malicious DNS server to execute code on a client system.

A vulnerability in certain TPM chips is addressed by ADV170012. This vulnerability is in the TPM chip itself, and not in Windows, but could result in weak cryptographic keys. These keys are used for BitLocker, Biometric auth, and other areas of Windows. The updates provide a workaround for the weak keys leveraging additional logging and an option to use software-derived keys. Full remediation requires a firmware update from the device manufacturer.

As with several recent Patch Tuesdays, the majority of the vulnerabilities in this month’s release involve the Scripting Engine, which can impact both browsers and Microsoft Office, and should be considered for prioritizing for workstation-type systems that use email and access the internet via a browser.

Adobe has not released any security patches for this Patch Tuesday.

Executive Summary
• Windows 10 version 1511, the November Update, won't receive security updates anymore. Refer to link for details: https://support.microsoft.com/en-us/help/4035050/windows-10-version-1511-will-no-longer-receive-security-updates
• Microsoft released security patches for all versions of Windows.
• Security updates were also released for Internet Explorer, Microsoft Edge, Skype for Business and Lync, and Microsoft Office.

Operating System Distribution
• Windows 7: 20 vulnerabilities of which 5 are rated critical, 15 important
• Windows 8.1: 23 vulnerabilities of which 6 are rated critical, 17 important
• Windows 10 version 1607: 29 vulnerabilities, 6 critical, 23 important
• Windows 10 version 1703: 29 vulnerabilities of which 6 are rated critical, 23 important

Windows Server products:
• Windows Server 2008 R2: 18 vulnerabilities, of which 3 are rated critical, 15 important
• Windows Server 2012 and 2012 R2: 23 vulnerabilities, of which 6 are rated critical, and 17 important
• Windows Server 2016: 29 vulnerabilities of which 6 are rated critical, 23 important

Other Microsoft Products
• Internet Explorer 11: 5 vulnerabilities, 4 critical, 1 important
• Microsoft Edge: 16 vulnerabilities, 14 critical, 2 important

Direct Update Downloads

Windows 7 SP1 and Windows Server 2008 R2 SP
• KB4041681-- 2017-10 Security Monthly Quality Rollup for Windows 7 for x86-based Systems
• KB4041678 -- 2017-10 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems

Windows 8.1 and Windows Server 2012 R2
• KB4041693 -- 2017-10 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems
• KB4041687 -- 2017-10 Security Only Quality Update for Windows 8.1 for x86-based Systems

Windows 10 (version 1511)
•KB4041689 -- Windows 10 Version 1511 -- End of Support after this update.

Windows 10 and Windows Server 2016 (version 1607)
•KB4041691-- 2017-10 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 and Windows Server 2016 (version 1703)
•KB4041676 -- 2017-10 Cumulative Update for Windows 10 Version 1703

Microsoft Security Updates: October 2017

Categories

Labtech

Mac Agent Functionality Within ConnectWise Automate

ConnectWise RMM vs Automate: Should I be using CW RMM?

ConnectWise Automate on Linux – Best Practices

ConnectWise Automate Maintenance Mode Explained Best Practice

Uninstalling and Offboarding Automate Agents

How to Set Up Automate users to use ConnectWise SSO

Windows 10 Build Upgrades are Inevitable - Use Kaseya/ConnectWise Automate to Deploy

Best Practice Naming of Patching Groups

Automate 12 Patch 9 Now Available!

5 Tips for using the Report Center

Business Continuity

Proactive Maintenance

Kaseya

What Should I be Automating in Kaseya VSA 9.5?

Security Best Practices for Kaseya VSA

Kaseya VSA: Software Management vs. Patch Management

Software Management Enhancements

Two-Factor Authentication in Kaseya VSA

Windows 7 & Windows 10 Multiple Builds End of Life – Upgrade Using Kaseya or ConnectWise Automate

Kaseya Network Monitor: Benefits & Features

Kaseya Patch 9.5.0.22 and Future Updates

Kaseya's New State-of-the-Art Contemporary User Interface

Kaseya Product Release - April '19

Datto

Creating & Implementing a Disaster Recovery Plan

Disaster Recovery – Minimizing Impact of Downtime

Updating a Datto Device

Datto Agent Communication Errors

Datto

StorageCraft

Get in touch today for MSP Centralized Services