Microsoft Security Updates: November 2017

Microsoft Patch notes

File Attachment: November-2017 Updates

This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion’s share is focused on Browsers, Microsoft Office, and Adobe. According to Microsoft, there do not appear to be any actively attacked vulnerabilities in the wild in this patch release.

Interestingly enough, none of the Windows OS patches are listed as Critical this month, but we do recommend focusing on CVE-2017-11830 and CVE-2017-11847, as they address a Security Feature Bypass, and a Privilege Elevation respectively.

It should also be noted that CVE-2017-11848, CVE-2017-11827, CVE-2017-11883, CVE-2017-8700 have public exploits, but they do not appear to be used in any active campaigns.

From a prioritization standpoint, focus on the fixes for CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, which all address the Scripting Engine in Edge and Internet Explorer, especially on laptops, and other workstation-type systems where the logged in user may have administrative privileges. Microsoft lists exploitation as More Likely for these vulnerabilities, especially if a user is tricked into viewing a malicious site or opening an attachment.

While Microsoft lists the fix for CVE-2017-11882 as Important, there may be POC code for this vulnerability, so it is recommended that you give the Office updates attention this month as well.

It should also be noted that last Patch Tuesday, Microsoft quietly released the fix for CVE-2017-13080, widely known as the KRACK vulnerability in WPA2 wireless protocol, but did not make it known until a week later, when the vulnerability was publicly disclosed. Therefore, it is recommended you ensure last month’s security patches are fully addressed. Alternatively, you can install this month’s Monthly Rollups, as they should include this fix.

Adobe has also released patches for 9 advisories, fixing a stunning 62 CVEs for Acrobat and Reader alone, so ensure that you are updating Adobe across your environment to stay protected.

Executive Summary
• Microsoft released security updates for all supported versions of Windows (client and server), and Internet Explorer, Microsoft Edge, Microsoft Office, .Net Core and ASP.NET Core, and Chakra Core.
• No critical updates for Windows, but for IE 11 and Microsoft Edge.
• Lots of know issues

Operating System Distribution
Windows 7: 12 vulnerabilities of which 12 are rated important
Windows 8.1: 11 vulnerabilities of which 11 are rated important
Windows 10 version 1607: 12 vulnerabilities of which 12 are rated important
Windows 10 version 1703: 12 vulnerabilities of which 12 are rated important
Windows 10 version 1709: 9 vulnerabilities of which 9 are rated important

Windows Server products:
Windows Server 2008: 11 vulnerabilities of which 11 are rated important
Windows Server 2008 R2: 12 vulnerabilities of which 12 are rated important
Windows Server 2012 and 2012 R2: 11 vulnerabilities of which 11 are rated important.
Windows Server 2016: 12 vulnerabilities of which 12 are rated important

Other Microsoft Products
Internet Explorer 11: 13 vulnerabilities, 8 critical, 4 important, 1 moderate
Microsoft Edge: 24 vulnerabilities, 16 critical, 8 important

Direct Update Downloads

 

CVE Title Severity Public Exploited XI – Latest XI – Older
CVE-2017-11827 Microsoft Browser Memory Corruption Vulnerability Important Yes No 1 1
CVE-2017-11883 ASP.NET Core Denial Of Service Vulnerability Important Yes No 2 2
CVE-2017-8700 ASP.NET Core Information Disclosure Vulnerability Moderate Yes No 2 2
CVE-2017-11848 Internet Explorer Information Disclosure Vulnerability Moderate Yes No 2 2
CVE-2017-11856 Internet Explorer Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11855 Internet Explorer Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11845 Microsoft Edge Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11837 Scripting Engine Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11839 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11841 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11861 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11862 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11870 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11836 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11838 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11840 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11843 Scripting Engine Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11846 Scripting Engine Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11859 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11866 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11858 Scripting Engine Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11869 Scripting Engine Memory Corruption Vulnerability Critical No No 1 1
CVE-2017-11871 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11873 Scripting Engine Memory Corruption Vulnerability Critical No No 1 N/A
CVE-2017-11770 .NET CORE Denial Of Service Vulnerability Important No No 3 3
CVE-2017-11879 ASP.NET Core Elevation Of Privilege Vulnerability Important No No 2 2
CVE-2017-11830 Device Guard Security Feature Bypass Vulnerability Important No No 2 2
CVE-2017-11803 Microsoft Edge Information Disclosure Vulnerability Important No No 1 N/A
CVE-2017-11833 Microsoft Edge Information Disclosure Vulnerability Important No No 2 N/A
CVE-2017-11844 Microsoft Edge Information Disclosure Vulnerability Important No No 1 N/A
CVE-2017-11863 Microsoft Edge Security Feature Bypass Vulnerability Important No No 2 N/A
CVE-2017-11872 Microsoft Edge Security Feature Bypass Vulnerability Important No No 2 N/A
CVE-2017-11874 Microsoft Edge Security Feature Bypass Vulnerability Important No No 2 N/A
CVE-2017-11878 Microsoft Excel Memory Corruption Vulnerability Important No No 2 2
CVE-2017-11877 Microsoft Excel Security Feature Bypass Vulnerability Important No No 2 2
CVE-2017-11850 Microsoft Graphics Component Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11884 Microsoft Office Memory Corruption Vulnerability Important No No 2 N/A
CVE-2017-11882 Microsoft Office Memory Corruption Vulnerability Important No No 2 2
CVE-2017-11854 Microsoft Word Memory Corruption Vulnerability Important No No N/A 2
CVE-2017-11791 Scripting Engine Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11834 Scripting Engine Information Disclosure Vulnerability Important No No 3 3
CVE-2017-11832 Windows EOT Font Engine Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11835 Windows EOT Font Engine Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11852 Windows GDI Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11831 Windows Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11880 Windows Information Disclosure Vulnerability Important No No 2 2
CVE-2017-11847 Windows Kernel Elevation of Privilege Vulnerability Important No No 1 1
CVE-2017-11851 Windows Kernel Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11842 Windows Kernel Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11849 Windows Kernel Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11853 Windows Kernel Information Disclosure Vulnerability Important No No 1 1
CVE-2017-11768 Windows Media Player Information Disclosure Vulnerability Important No No 2 2
CVE-2017-11788 Windows Search Denial of Service Vulnerability Important No No 3 3
CVE-2017-11876 Microsoft Project Server Elevation of Privilege Vulnerability Moderate No No 3 3
ProVal Technologies, Inc

ProVal Technologies, Inc

Categories

Get in touch today for MSP NOC Services

Contact Us

ProVal Technologies, Inc

498 Palm Springs Drive, Ste. 130
Altamonte Springs, FL 32701
United States
Phone: 407-588-0101

Facebook Twitter Instagram Linkedin Youtube
SOC 2 Certified Logo
Form CTA

©2023 ProVal Technologies, Inc All Rights Reserved.

Privacy Policy Disclaimer

Microsoft Security Updates: November 2017

Microsoft Patch notes

I truly view ProVal as a partner and extension of my team, not as one of my vendors

When our NOC Manager left last fall we wanted to replace the position with an outsourced NOC to reduce headcount, and bring in an expert to both Labtech and our backup solutions. Bringing in ProVal Technologies was one of the best decisions we made last year and has paid for itself.During our first few monthly recurring Labtech admin meetings the ProVal team discovered incorrect settings and policies that were not applying correctly in our Labtech server. Things that we thought were automated and working were not. For example, there were multiple scripts and policies running but set to do nothing such as disk cleanup scripts. Cisco Umbrella was not configured correctly. Server alerting was not set right and the list went on.The backup team sends daily and weekly reports and updates that reduce my technicians time that we used to spend on backup or antivirus tickets that took forever and were tedious.ProVal also brings in great insights to our business and really cares about our success. They will frequently mention to me in meetings what new scripts they can import to make us more efficient or will schedule upgrades to our backups, Labtech, etc so I don’t have to worry. I truly view ProVal as a partner and extension of my team not as one of my vendors.

Chris-Warnick-Headshot
Chris Warnick
Vision Computer Solutions
Northville, MI

They will quickly become an extension of your team and your ROI will reflect the results

We have been a long time user of Labtech and had tried for many years to manage the product internally with no real success at the level we needed to make our solutions more efficient for our customers. Once we hired Vikram and his team at ProVal, it solved all our pain points with the product and we really felt like we were leveraging the tool as it was designed. If this sounds like you and it’s keeping you up at night, then you need these guys. They will quickly become an extension of your team and your ROI will reflect the results.

Bryan-Wolff-Headshot
Bryan Wolff
CEO, Wolff Logics LT Managed & Admin Services
Cedar Park, Texas

They work well, fast and on budget

We met Vikram from ProVal Tech at Gary Pica’s Shnizzfest a year ago. Vikram explained the advantage of having trained, certified personnel take care of our recent Automate implementation. Even though we had taken an implementation package from ConnectWise to start up the program, we felt many custom configurations we needed for our business were lacking. We hired ProVal Tech after Automate was installed to help us with this task. From sales to technicians everyone was professional and knowledgeable. Onboarding was simple, and well documented. Tools on the web were supplied while we did the work, and they allowed us to track what was done, and see the improvements in the environment. It was easy to reach any of the team members, for any concern or question – all answered with courtesy and smile. Once the work was finished, we were given some training and explanations, add to that documentation, about the work and the scripts and features added to the program. We have been happily working with Automate since then. We can only recommend this efficient team of people for any work into Automate: they work well, fast and on budget.

Ben-Prevost-Headshot
Ben Prevost
FarWeb IT
Sherbrooke, Canada