December Microsoft Patch Tuesday Summary
Microsoft today patched 36 different vulnerabilities (+ Flash). Luckily, none of the vulnerabilities have been exploited in the wild of have been disclosed prior to today. The list includes the malware protection engine update that was released on Friday. Probably the most interesting vulnerability is the remote code execution in Windows RRAS. (CVE-2017-11885). According to Microsoft, this vulnerability can be exploited via RPC on servers that have routing enabled. (RRAS is the Routing and Remote Access Service). I am a bit confused why Microsoft rates this one only as "important". Maybe because RRAS is not enabled by default.
| CVE | Description | |||
|---|---|---|---|---|
| Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| CVE-2017-11885 | Windows RRAS Service Remote Code Execution Vulnerability | |||
| No | No | Less Likely | Less Likely | Important |
| CVE-2017-11889 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11890 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11893 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11895 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11899 | Microsoft Windows Security Feature Bypass Vulnerability | |||
| No | No | Less Likely | Less Likely | Important |
| CVE-2017-11901 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11903 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11906 | Scripting Engine Information Disclosure Vulnerability | |||
| No | No | More Likely | More Likely | Important |
| CVE-2017-11908 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11909 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11910 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11911 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11912 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11913 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Important |
| CVE-2017-11914 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11918 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11927 | Microsoft Windows Information Disclosure Vulnerability | |||
| No | No | Less Likely | Less Likely | Important |
| CVE-2017-11930 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11932 | Microsoft Exchange Spoofing Vulnerability | |||
| No | No | Less Likely | Less Likely | Important |
| CVE-2017-11937 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability | |||
| No | No | Less Likely | Less Likely | Critical |
| ADV170021 | Microsoft Office Defense in Depth Update | |||
| No | No | More Likely | More Likely | None |
| ADV170023 | Microsoft Exchange Defense in Depth Update | |||
| No | No | - | - | None |
| CVE-2017-11886 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11887 | Scripting Engine Information Disclosure Vulnerability | |||
| No | No | More Likely | More Likely | Important |
| CVE-2017-11888 | Microsoft Edge Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11894 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11907 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | More Likely | More Likely | Critical |
| CVE-2017-11905 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Critical |
| CVE-2017-11916 | Scripting Engine Memory Corruption Vulnerability | |||
| No | No | - | - | Important |
| CVE-2017-11919 | Scripting Engine Information Disclosure Vulnerability | |||
| No | No | More Likely | More Likely | Important |
| CVE-2017-11934 | Microsoft PowerPoint Information Disclosure Vulnerability | |||
| No | No | Less Likely | Less Likely | Important |
| CVE-2017-11935 | Microsoft Excel Remote Code Execution Vulnerability | |||
| No | No | - | - | Important |
| CVE-2017-11936 | Microsoft SharePoint Elevation of Privilege Vulnerability | |||
| No | No | - | - | Important |
| ADV170022 | December 2017 Flash Security Update | |||
| No | No | - | - | Critical |
| CVE-2017-11939 | Microsoft Office Information Disclosure Vulnerability | |||
| No | No | - | - | Important |
| CVE-2017-11940 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability | |||
| No | No | Less Likely | Less Likely | Critical |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
My next class:
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
![modal content]()
Diary Archives
Comments