Microsoft Security Updates: November 2017

File Attachment: November-2017 Updates

This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion’s share is focused on Browsers, Microsoft Office, and Adobe. According to Microsoft, there do not appear to be any actively attacked vulnerabilities in the wild in this patch release.

Interestingly enough, none of the Windows OS patches are listed as Critical this month, but we do recommend focusing on CVE-2017-11830 and CVE-2017-11847, as they address a Security Feature Bypass, and a Privilege Elevation respectively.

It should also be noted that CVE-2017-11848, CVE-2017-11827, CVE-2017-11883, CVE-2017-8700 have public exploits, but they do not appear to be used in any active campaigns.

From a prioritization standpoint, focus on the fixes for CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, which all address the Scripting Engine in Edge and Internet Explorer, especially on laptops, and other workstation-type systems where the logged in user may have administrative privileges. Microsoft lists exploitation as More Likely for these vulnerabilities, especially if a user is tricked into viewing a malicious site or opening an attachment.

While Microsoft lists the fix for CVE-2017-11882 as Important, there may be POC code for this vulnerability, so it is recommended that you give the Office updates attention this month as well.

It should also be noted that last Patch Tuesday, Microsoft quietly released the fix for CVE-2017-13080, widely known as the KRACK vulnerability in WPA2 wireless protocol, but did not make it known until a week later, when the vulnerability was publicly disclosed. Therefore, it is recommended you ensure last month’s security patches are fully addressed. Alternatively, you can install this month’s Monthly Rollups, as they should include this fix.

Adobe has also released patches for 9 advisories, fixing a stunning 62 CVEs for Acrobat and Reader alone, so ensure that you are updating Adobe across your environment to stay protected.

Executive Summary
• Microsoft released security updates for all supported versions of Windows (client and server), and Internet Explorer, Microsoft Edge, Microsoft Office, .Net Core and ASP.NET Core, and Chakra Core.
• No critical updates for Windows, but for IE 11 and Microsoft Edge.
• Lots of know issues

Operating System Distribution
• Windows 7: 12 vulnerabilities of which 12 are rated important
• Windows 8.1: 11 vulnerabilities of which 11 are rated important
• Windows 10 version 1607: 12 vulnerabilities of which 12 are rated important
• Windows 10 version 1703: 12 vulnerabilities of which 12 are rated important
• Windows 10 version 1709: 9 vulnerabilities of which 9 are rated important

Windows Server products:
• Windows Server 2008: 11 vulnerabilities of which 11 are rated important
• Windows Server 2008 R2: 12 vulnerabilities of which 12 are rated important
• Windows Server 2012 and 2012 R2: 11 vulnerabilities of which 11 are rated important.
• Windows Server 2016: 12 vulnerabilities of which 12 are rated important

Other Microsoft Products
• Internet Explorer 11: 13 vulnerabilities, 8 critical, 4 important, 1 moderate
• Microsoft Edge: 24 vulnerabilities, 16 critical, 8 important

Direct Update Downloads

CVE	Title	Severity	Public	Exploited	XI - Latest	XI - Older
CVE-2017-11827	Microsoft Browser Memory Corruption Vulnerability	Important	Yes	No	1	1
CVE-2017-11883	ASP.NET Core Denial Of Service Vulnerability	Important	Yes	No	2	2
CVE-2017-8700	ASP.NET Core Information Disclosure Vulnerability	Moderate	Yes	No	2	2
CVE-2017-11848	Internet Explorer Information Disclosure Vulnerability	Moderate	Yes	No	2	2
CVE-2017-11856	Internet Explorer Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11855	Internet Explorer Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11845	Microsoft Edge Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11837	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11839	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11841	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11861	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11862	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11870	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11836	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11838	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11840	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11843	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11846	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11859	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11866	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11858	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11869	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	1
CVE-2017-11871	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11873	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A
CVE-2017-11770	.NET CORE Denial Of Service Vulnerability	Important	No	No	3	3
CVE-2017-11879	ASP.NET Core Elevation Of Privilege Vulnerability	Important	No	No	2	2
CVE-2017-11830	Device Guard Security Feature Bypass Vulnerability	Important	No	No	2	2
CVE-2017-11803	Microsoft Edge Information Disclosure Vulnerability	Important	No	No	1	N/A
CVE-2017-11833	Microsoft Edge Information Disclosure Vulnerability	Important	No	No	2	N/A
CVE-2017-11844	Microsoft Edge Information Disclosure Vulnerability	Important	No	No	1	N/A
CVE-2017-11863	Microsoft Edge Security Feature Bypass Vulnerability	Important	No	No	2	N/A
CVE-2017-11872	Microsoft Edge Security Feature Bypass Vulnerability	Important	No	No	2	N/A
CVE-2017-11874	Microsoft Edge Security Feature Bypass Vulnerability	Important	No	No	2	N/A
CVE-2017-11878	Microsoft Excel Memory Corruption Vulnerability	Important	No	No	2	2
CVE-2017-11877	Microsoft Excel Security Feature Bypass Vulnerability	Important	No	No	2	2
CVE-2017-11850	Microsoft Graphics Component Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11884	Microsoft Office Memory Corruption Vulnerability	Important	No	No	2	N/A
CVE-2017-11882	Microsoft Office Memory Corruption Vulnerability	Important	No	No	2	2
CVE-2017-11854	Microsoft Word Memory Corruption Vulnerability	Important	No	No	N/A	2
CVE-2017-11791	Scripting Engine Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11834	Scripting Engine Information Disclosure Vulnerability	Important	No	No	3	3
CVE-2017-11832	Windows EOT Font Engine Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11835	Windows EOT Font Engine Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11852	Windows GDI Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11831	Windows Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11880	Windows Information Disclosure Vulnerability	Important	No	No	2	2
CVE-2017-11847	Windows Kernel Elevation of Privilege Vulnerability	Important	No	No	1	1
CVE-2017-11851	Windows Kernel Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11842	Windows Kernel Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11849	Windows Kernel Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11853	Windows Kernel Information Disclosure Vulnerability	Important	No	No	1	1
CVE-2017-11768	Windows Media Player Information Disclosure Vulnerability	Important	No	No	2	2
CVE-2017-11788	Windows Search Denial of Service Vulnerability	Important	No	No	3	3
CVE-2017-11876	Microsoft Project Server Elevation of Privilege Vulnerability	Moderate	No	No	3	3

Microsoft Security Updates: November 2017

Categories

Labtech

Mac Agent Functionality Within ConnectWise Automate

ConnectWise RMM vs Automate: Should I be using CW RMM?

ConnectWise Automate on Linux – Best Practices

ConnectWise Automate Maintenance Mode Explained Best Practice

Uninstalling and Offboarding Automate Agents

How to Set Up Automate users to use ConnectWise SSO

Windows 10 Build Upgrades are Inevitable - Use Kaseya/ConnectWise Automate to Deploy

Best Practice Naming of Patching Groups

Automate 12 Patch 9 Now Available!

5 Tips for using the Report Center

Business Continuity

Proactive Maintenance

Kaseya

What Should I be Automating in Kaseya VSA 9.5?

Security Best Practices for Kaseya VSA

Kaseya VSA: Software Management vs. Patch Management

Software Management Enhancements

Two-Factor Authentication in Kaseya VSA

Windows 7 & Windows 10 Multiple Builds End of Life – Upgrade Using Kaseya or ConnectWise Automate

Kaseya Network Monitor: Benefits & Features

Kaseya Patch 9.5.0.22 and Future Updates

Kaseya's New State-of-the-Art Contemporary User Interface

Kaseya Product Release - April '19

Datto

Creating & Implementing a Disaster Recovery Plan

Disaster Recovery – Minimizing Impact of Downtime

Updating a Datto Device

Datto Agent Communication Errors

Datto

StorageCraft

Get in touch today for MSP Centralized Services