Today on Tuesday 2017-04-11, Microsoft announced its monthly security release (also known as "Patch Tuesday"). Reviewing Microsoft's Security Update Guide, it looks like there are 644 updates, with 210 of them listed as "Critical" severity. The highest-profile issue from this set of updates involves CVE-2017-0199. This vulnerability was actively being exploited through malicious email campaigns sending Microsoft Office RTF documents as early as this past weekend. Microsoft's April 2017 security release consists of security updates for the following software:
A full list of the 210 critical items from 2017-04-11, sorted by Knowledge Base (KB) designator, follows: (Read: KB article -- Product -- Platform -- Details -- Severity)
|
Brad 387 Posts ISC Handler Apr 11th 2017 |
Apr 11th 2017 3 years ago |
good lord
|
TuggDougins 37 Posts |
Quote |
Apr 11th 2017 3 years ago |
I did not see any notification they were retiring the MSxx-xxx bulletin grouping designation. I would have highly recommended they at least replace the MSxx-xxx designation with the actual CVE-xxxx-xxxx designation. Approving updates without grouping in SCCM is going to be a monthly eye chart test.
|
Anonymous |
Quote |
Apr 12th 2017 3 years ago |
I agree. I've had a hard time trying to group these together for a more coherent read.
|
Brad 387 Posts ISC Handler |
Quote |
Apr 12th 2017 3 years ago |
Same here but here are some tips:
https://github.com/Microsoft/MSRC-Microsoft-Security-Updates-API
https://portal.msrc.microsoft.com/en-us/developer

Example of the output for the html module:

This report contains detail for the following vulnerabilities:
•CVE-2017-0158 - Scripting Engine Memory Corruption Vulnerability
•CVE-2013-6629 - libjpeg Information Disclosure Vulnerability
•CVE-2017-0178 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0179 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0180 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0181 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0182 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0183 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0184 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0185 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0186 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0188 - Win32k Information Disclosure Vulnerability
•CVE-2017-0189 - Win32k Elevation of Privilege Vulnerability
•CVE-2017-0191 - Windows Denial of Service Vulnerability
•CVE-2017-0192 - ATMFD.dll Information Disclosure Vulnerability
•CVE-2017-0195 - Microsoft Office XSS Elevation of Privilege Vulnerability
•CVE-2017-0197 - Office DLL Loading Vulnerability
•CVE-2017-0199 - Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API
•CVE-2017-0207 - Microsoft Office Spoofing Vulnerability
•2017-2605 - Defense-in-Depth Update for Microsoft Office
•CVE-2017-0210 - Internet Explorer Elevation of Privilege Vulnerability
•CVE-2017-0058 - Win32k Information Disclosure Vulnerability
•CVE-2017-0093 - Scripting Engine Memory Corruption Vulnerability
•CVE-2017-0106 - Microsoft Outlook Remote Code Execution Vulnerability
•CVE-2017-0155 - Windows Graphics Elevation of Privilege Vulnerability
•CVE-2017-0156 - Windows Graphics Component Elevation of Privilege Vulnerability
•CVE-2017-0159 - ADFS Security Feature Bypass Vulnerability
•CVE-2017-0160 - .NET Remote Code Execution Vulnerability
•CVE-2017-0162 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0163 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0164 - Active Directory Denial of Service Vulnerability
•CVE-2017-0165 - Windows Elevation of Privilege Vulnerability
•CVE-2017-0166 - LDAP Elevation of Privilege Vulnerability
•CVE-2017-0167 - Windows Kernel Information Disclosure Vulnerability
•CVE-2017-0168 - Hyper-V Information Disclosure Vulnerability
•CVE-2017-0169 - Hyper-V Information Disclosure Vulnerability
•CVE-2017-0194 - Microsoft Office Memory Corruption Vulnerability
•CVE-2017-0200 - Microsoft Edge Memory Corruption Vulnerability
•CVE-2017-0201 - Scripting Engine Memory Corruption Vulnerability
•CVE-2017-0202 - Internet Explorer Memory Corruption Vulnerability
•CVE-2017-0203 - Microsoft Edge Security Feature Bypass Vulnerability
•CVE-2017-0204 - Microsoft Office Security Feature Bypass Vulnerability
•CVE-2017-0205 - Microsoft Edge Memory Corruption Vulnerability
•2017-3447 - April Flash Security Update
•CVE-2017-0208 - Scripting Engine Information Disclosure Vulnerability
•CVE-2017-0211 - Windows OLE Elevation of Privilege Vulnerability
|
EricLauzon 3 Posts |
Quote |
Apr 12th 2017 3 years ago |
You can group by CVE, but you have to add the "Details" field to the view on the security guidance list.
|
jbmartin6 20 Posts |
Quote |
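Added example, not part of the thread or of any Microsoft tooling: one way to regroup rows in the diary's "KB article -- Product -- Platform -- Details -- Severity" layout by CVE, so each CVE shows its highest severity and the KBs that address it. The sample rows, KB numbers and CVE IDs are constructed placeholders, the function name is hypothetical, and the CVE is assumed to appear in the Details field.

```powershell
# Constructed sample rows in the "KB -- Product -- Platform -- Details -- Severity" layout.
# Every KB number, CVE ID and severity here is a placeholder, not data from the release.
$rows = @'
KB0000001 -- Windows 10 -- x64 -- CVE-2099-0001 -- Critical
KB0000001 -- Windows 10 -- x64 -- CVE-2099-0002 -- Important
KB0000002 -- Office 2016 -- x86 -- CVE-2099-0002 -- Critical
KB0000003 -- Windows Server 2016 -- x64 -- CVE-2099-0003 -- Important
this line is malformed and is skipped
'@ -split "`r?`n"

# Hypothetical helper: turn each well-formed row into an object, skip the rest.
function ConvertFrom-UpdateRow {
    param([string[]]$Line)
    foreach ($l in $Line) {
        $f = $l -split '\s+--\s+'
        if ($f.Count -ne 5) { Write-Warning "Skipping malformed row: $l"; continue }
        # Assumption: the CVE identifier sits in the Details field (4th column).
        if ($f[3] -notmatch 'CVE-\d{4}-\d{4,}') { continue }
        [pscustomobject]@{
            KB       = $f[0].Trim()
            Product  = $f[1]
            Platform = $f[2]
            CVE      = $Matches[0]
            Severity = $f[4].Trim()
        }
    }
}

# Rank severities so the worst rating per CVE can be picked out.
$rank = @{ Critical = 4; Important = 3; Moderate = 2; Low = 1 }

ConvertFrom-UpdateRow -Line $rows |
    Group-Object CVE |
    ForEach-Object {
        [pscustomobject]@{
            CVE         = $_.Name
            MaxSeverity = ($_.Group | Sort-Object { $rank[$_.Severity] } -Descending |
                           Select-Object -First 1).Severity
            KBs         = ($_.Group.KB | Sort-Object -Unique) -join ', '
            Products    = ($_.Group.Product | Sort-Object -Unique) -join '; '
        }
    } |
    Sort-Object { $rank[$_.MaxSeverity] } -Descending |
    Format-Table -AutoSize
```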
Apr 12th 2017 3 years ago |
Interesting that for both the monthly & security-only rollups:
2017-04 Security-only update - KB4015546
2017-04 Monthly Rollup - KB4015549
They warn that (known issues) "If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates." *ack*
|
Anonymous |
Quote |
Apr 12th 2017 3 years ago |
To save others some time - this worked for me. Provides a "Microsoft Security Bulletin Summary" html file. Instead of MS bulletin numbers it is the CVEs.
Get an APIkey from Microsoft at https://portal.msrc.microsoft.com/en-us/developer
In an elevated powershell -
    Install-Module -name msrcsecurityupdates
After the module is installed the rest can be run without admin rights. Just replace the APIkey 999 below with the one you got from Microsoft.
    import-module -name msrcsecurityupdates -force
    set-msrcapikey -apikey "999" -verbose
    get-msrccvrfdocument -id 2017-apr | get-msrcsecuritybulletinhtml > msrc-2017-04.html
|
Charles 1 Posts |
Quote |
Apr 13th 2017 3 years ago |
You only need to install the module in an elevated prompt if you want other users on the system to use the module. You can use "-Scope CurrentUser" with Install-Module to simply add it to your own profile using normal privileges.
|
jbmartin6 20 Posts |
Quote |
Apr 18th 2017 3 years ago |
If you want the list of patches listed for a specific CVE you can try this
https://portal.msrc.microsoft.com/en-US/security-guidance
Type in the CVE in the search. It can also export it as an .xlsx file, complete with web links to the applicable patches.
|
Michael 32 Posts |
Quote |
Apr 22nd 2017 3 years ago |