
Microsoft Patch Tuesday August 2017

Published: 2017-08-08
Last Updated: 2017-08-08 15:53:06 UTC
by Johannes Ullrich (Version: 1)

When Microsoft changed its update process a few months ago, we were initially no longer able to quickly produce our usual assessment of Microsoft's patches. Finally, I think we have a way to get at least some of it back, and this is our first take on it. Please let me know if I should change anything. I know a few people wrote scripts to parse the table. I would recommend that you use Microsoft's own API to do so in the future. The layout of the table may change and screen-scraping is never a good idea.

What do the fields mean:

  • Description: Microsoft's description of the flaw
  • MSFT Severity: The highest severity Microsoft assigned to the flaw. Sometimes, Microsoft assigns different severities to different versions of the product affected by the flaw.
  • CVE: CVE Number
  • Disclosed/Exploited: Has the vulnerability been publicly disclosed or exploited in the wild prior to the release of the patch?
  • Exploitability: How likely it is that this vulnerability will be exploited (old: oldest supported version of the software; current: current software version)
  • Client Severity: The severity we (ISC) assigned to this vulnerability for clients (Desktops)
  • Server Severity: The severity we (ISC) assigned to this vulnerability for servers (servers run software like IIS and are more exposed to the internet)

Expect a few updates as I am refining the table. Use our contact form for feedback.
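
One way to derive the Description, MSFT Severity, Disclosed/Exploited and Exploitability columns from structured API output instead of the HTML table. This is an added example, not ISC's or Microsoft's code: the record is constructed, and its field names, threat-type codes and exploit-status string format are assumptions modelled on the CVRF JSON layout of Microsoft's security update API.

```python
# Added example. SAMPLE_VULN is constructed; keys and type codes are assumed
# to follow the CVRF JSON layout, and the identifiers are placeholders.
SEVERITY_RANK = {"Low": 1, "Moderate": 2, "Important": 3, "Critical": 4}
THREAT_EXPLOIT_STATUS = 1  # assumed code for the exploit-status string
THREAT_SEVERITY = 3        # assumed code for per-product severity

SAMPLE_VULN = {
    "CVE": "CVE-0000-0000",
    "Title": {"Value": "Example Component Remote Code Execution Vulnerability"},
    "Threats": [
        {"Type": 3, "ProductID": ["P-OLD"], "Description": {"Value": "Important"}},
        {"Type": 3, "ProductID": ["P-NEW"], "Description": {"Value": "Critical"}},
        {"Type": 1, "ProductID": ["P-NEW"], "Description": {"Value":
            "Publicly Disclosed:No;Exploited:No;"
            "Latest Software Release:Exploitation More Likely;"
            "Older Software Release:Exploitation Less Likely;DOS:N/A"}},
    ],
}

def threat_values(vuln, threat_type):
    """Return the description strings of all threats of one type."""
    return [t.get("Description", {}).get("Value", "")
            for t in vuln.get("Threats", []) if t.get("Type") == threat_type]

def highest_severity(vuln):
    """Highest severity across all affected products ('' if none is rated)."""
    known = [s for s in threat_values(vuln, THREAT_SEVERITY) if s in SEVERITY_RANK]
    return max(known, key=SEVERITY_RANK.get) if known else ""

def exploit_status(vuln):
    """Split 'Key:Value;Key:Value' exploit-status strings into a dict."""
    fields = {}
    for raw in threat_values(vuln, THREAT_EXPLOIT_STATUS):
        for part in raw.split(";"):
            key, sep, value = part.partition(":")
            if sep:
                fields.setdefault(key.strip(), value.strip())
    return fields

def likelihood(fields, key):
    """Shorten 'Exploitation More Likely' to 'More Likely'; '?' when absent."""
    return fields.get(key, "").replace("Exploitation ", "", 1) or "?"

def diary_row(vuln):
    """Build one row using the column names of the table on this page."""
    f = exploit_status(vuln)
    old, cur = likelihood(f, "Older Software Release"), likelihood(f, "Latest Software Release")
    return {"Description": vuln.get("Title", {}).get("Value", ""),
            "MSFT Severity": highest_severity(vuln),
            "CVE": vuln.get("CVE", ""),
            "Disclosed/Exploited": f"{f.get('Publicly Disclosed', '?')}/{f.get('Exploited', '?')}",
            "Exploitability (old/current)": f"{old}/{cur}"}
```

The Client and Server Severity columns are ISC's own judgement and are not derived from the API record.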

| Description | MSFT Severity | CVE | Disclosed/Exploited | Exploitability (old/current) | Client Severity | Server Severity |
|---|---|---|---|---|---|---|
| Scripting Engine Security Feature Bypass Vulnerability | Important | CVE-2017-8637 | No/No | ?/? | Important | Important |
| Windows Subsystem for Linux Denial of Service Vulnerability | | CVE-2017-8627 | Yes/No | ?/? | | |
| August 2017 Flash Update | Critical | ADV170010 | No/No | ?/? | Critical | Critical |
| Volume Manager Extension Driver Information Disclosure Vulnerability | Important | CVE-2017-8668 | No/No | Less Likely/Less Likely | Important | Important |
| Windows Error Reporting Elevation of Privilege Vulnerability | Important | CVE-2017-8633 | Yes/No | More Likely/More Likely | Important | Important |
| Microsoft Edge Memory Corruption Vulnerability | Critical | CVE-2017-8661 | No/No | ?/? | Critical | Critical |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | | CVE-2017-8622 | No/No | ?/? | | |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | CVE-2017-8673 | No/No | ?/? | Important | Important |
| Microsoft Edge Security Feature Bypass Vulnerability | Moderate | CVE-2017-8650 | No/No | ?/? | Moderate | Moderate |
| Scripting Engine Memory Corruption Vulnerability | Critical | CVE-2017-8634 | No/No | ?/? | Critical | Critical |
| | | CVE-2017-8635 | No/No | More Likely/More Likely | | |
| | | CVE-2017-8636 | No/No | More Likely/More Likely | | |
| | | CVE-2017-8638 | No/No | ?/? | | |
| | | CVE-2017-8639 | No/No | ?/? | | |
| | | CVE-2017-8640 | No/No | ?/? | | |
| | | CVE-2017-8670 | No/No | ?/? | | |
| | | CVE-2017-8671 | No/No | ?/? | | |
| | | CVE-2017-8672 | No/No | ?/? | | |
| | | CVE-2017-8641 | No/No | More Likely/More Likely | | |
| | | CVE-2017-8645 | No/No | ?/? | | |
| | | CVE-2017-8646 | No/No | ?/? | | |
| | | CVE-2017-8647 | No/No | ?/? | | |
| | | CVE-2017-8655 | No/No | ?/? | | |
| | | CVE-2017-8656 | No/No | ?/? | | |
| | | CVE-2017-8657 | No/No | ?/? | | |
| | | CVE-2017-8674 | No/No | ?/? | | |
| Windows Hyper-V Remote Code Execution Vulnerability | Important | CVE-2017-8664 | No/No | Less Likely/Less Likely | Important | Important |
| Microsoft Browser Memory Corruption Vulnerability | Critical | CVE-2017-8669 | No/No | More Likely/More Likely | Critical | Critical |
| | | CVE-2017-8653 | No/No | More Likely/More Likely | | |
| Win32k Information Disclosure Vulnerability | Important | CVE-2017-8666 | No/No | More Likely/More Likely | Important | Important |
| Express Compressed Fonts Remote Code Execution Vulnerability | Important | CVE-2017-8691 | No/No | Less Likely/Less Likely | Important | Important |
| Windows NetBIOS Denial of Service Vulnerability | Important | CVE-2017-0174 | No/No | Less Likely/Less Likely | Important | Important |
| Windows CLFS Elevation of Privilege Vulnerability | Important | CVE-2017-8624 | No/No | More Likely/More Likely | Important | Important |
| Windows IME Remote Code Execution Vulnerability | Critical | CVE-2017-8591 | No/No | Less Likely/Less Likely | Critical | Critical |
| Microsoft Office SharePoint XSS Vulnerability | Important | CVE-2017-8654 | No/No | Unlikely/Unlikely | Important | Important |
| Windows Search Remote Code Execution Vulnerability | Critical | CVE-2017-8620 | No/No | More Likely/More Likely | Critical | Critical |
| Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | Important | CVE-2017-8516 | No/No | Unlikely/Unlikely | Important | Important |
| Scripting Engine Information Disclosure Vulnerability | Important | CVE-2017-8659 | No/No | ?/? | Important | Important |
| Windows Hyper-V Denial of Service Vulnerability | Important | CVE-2017-8623 | No/No | Unlikely/Unlikely | Important | Important |
| Microsoft Edge Elevation of Privilege Vulnerability | Important | CVE-2017-8503 | No/No | ?/? | Important | Important |
| | | CVE-2017-8642 | No/No | ?/? | | |
| Microsoft Edge Information Disclosure Vulnerability | | CVE-2017-8662 | No/No | ?/? | | |
| | | CVE-2017-8644 | No/No | ?/? | | |
| | | CVE-2017-8652 | No/No | ?/? | | |
| Windows PDF Remote Code Execution Vulnerability | Critical | CVE-2017-0293 | No/No | Less Likely/Less Likely | Critical | Critical |
| Win32k Elevation of Privilege Vulnerability | Important | CVE-2017-8593 | No/No | More Likely/More Likely | Important | Important |
| Internet Explorer Security Feature Bypass Vulnerability | Important | CVE-2017-8625 | No/No | Less Likely/Less Likely | Important | Important |
| Microsoft JET Database Engine Remote Code Execution Vulnerability | Critical | CVE-2017-0250 | No/No | Unlikely/Unlikely | Critical | Critical |
| Internet Explorer Memory Corruption Vulnerability | | CVE-2017-8651 | No/No | ?/? | | |

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute