Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: April 2017 Microsoft Patch Tuesday SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
April 2017 Microsoft Patch Tuesday

Today on Tuesday 2017-04-11, Microsoft announced its monthly security release (also known as "Patch Tuesday).  Reviewing Microsoft's Security Update Guide, it looks like there's 644 updates with 210 of them listed as "Critical" severity.

  • Release notes are here.
  • Details can be found here.

The highest profile issue from this set of updates invovles CVE-2017-0199.  This vulnerablility was actively being exploited through malicious email campaigns sending Microsoft Office RTF documents as early as this past weekend.

Microsoft's April 2017 security release consists of security updates for the following software:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Visual Studio for Mac
  • .NET Framework
  • Silverlight
  • Adobe Flash Player

A full list of the 210 critical items from 2017-04-11, sorted by Knowledge Base (KB) designator, follows:

(Read: KB article -- Product -- Platform -- Details -- Severity)

  • KB3118388 -- Microsoft Outlook 2010 Service Pack 2 (32-bit editions) -- N/A -- CVE-2017-0106 -- Critical
  • KB3118388 -- Microsoft Outlook 2010 Service Pack 2 (64-bit editions) -- N/A -- CVE-2017-0106 -- Critical
  • KB3127890 -- Microsoft Outlook 2007 Service Pack 3 -- N/A -- CVE-2017-0106 -- Critical
  • KB3141529 -- Microsoft Office 2007 Service Pack 3 -- N/A -- CVE-2017-0199 -- Critical
  • KB3141538 -- Microsoft Office 2010 Service Pack 2 (32-bit editions) -- N/A -- CVE-2017-0199 -- Critical
  • KB3141538 -- Microsoft Office 2010 Service Pack 2 (64-bit editions) -- N/A -- CVE-2017-0199 -- Critical
  • KB3172519 -- Microsoft Outlook 2013 Service Pack 1 (32-bit editions) -- N/A -- CVE-2017-0106 -- Critical
  • KB3172519 -- Microsoft Outlook 2013 Service Pack 1 (64-bit editions) -- N/A -- CVE-2017-0106 -- Critical
  • KB3178664 -- Microsoft Outlook 2016 (32-bit edition) -- N/A -- CVE-2017-0106 -- Critical
  • KB3178664 -- Microsoft Outlook 2016 (64-bit edition) -- N/A -- CVE-2017-0106 -- Critical
  • KB3178703 -- Microsoft Office 2016 (32-bit edition) -- N/A -- CVE-2017-0199 -- Critical
  • KB3178703 -- Microsoft Office 2016 (64-bit edition) -- N/A -- CVE-2017-0199 -- Critical
  • KB3178710 -- Microsoft Office 2013 Service Pack 1 (32-bit editions) -- N/A -- CVE-2017-0199 -- Critical
  • KB3178710 -- Microsoft Office 2013 Service Pack 1 (64-bit editions) -- N/A -- CVE-2017-0199 -- Critical
  • KB3211308 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- N/A -- CVE-2017-0163 -- Critical
  • KB3211308 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- N/A -- CVE-2017-0180 -- Critical
  • KB3211308 -- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) -- N/A -- CVE-2017-0163 -- Critical
  • KB3211308 -- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) -- N/A -- CVE-2017-0180 -- Critical
  • KB4014661 -- Internet Explorer 9 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- CVE-2017-0201 -- Critical
  • KB4014661 -- Internet Explorer 9 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- CVE-2017-0201 -- Critical
  • KB4014661 -- Internet Explorer 9 -- Windows Vista Service Pack 2 -- CVE-2017-0201 -- Critical
  • KB4014661 -- Internet Explorer 9 -- Windows Vista x64 Edition Service Pack 2 -- CVE-2017-0201 -- Critical
  • KB4014981 -- Microsoft .NET Framework 3.5.1 -- Windows 7 for 32-bit Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 3.5.1 -- Windows 7 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 3.5.1 -- Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 3.5.1 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 3.5.1 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.5.2 -- Windows Vista Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.5.2 -- Windows Vista x64 Edition Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6.2 -- Windows 7 for 32-bit Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6.2 -- Windows 7 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows 7 for 32-bit Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows 7 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014981 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 3.5 -- Windows Server 2012 -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 3.5 -- Windows Server 2012 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2012 -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2012 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2012 -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2012 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2012 -- CVE-2017-0160 -- Critical
  • KB4014982 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2012 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 3.5 -- Windows 8.1 for 32-bit systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 3.5 -- Windows 8.1 for x64-based systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 3.5 -- Windows Server 2012 R2 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 3.5 -- Windows Server 2012 R2 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.5.2 -- Windows 8.1 for 32-bit systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.5.2 -- Windows 8.1 for x64-based systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.5.2 -- Windows RT 8.1 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2012 R2 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2012 R2 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6.2 -- Windows 8.1 for 32-bit systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6.2 -- Windows 8.1 for x64-based systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6.2 -- Windows RT 8.1 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2012 R2 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2012 R2 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows 8.1 for 32-bit systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows 8.1 for x64-based systems -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows RT 8.1 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2012 R2 -- CVE-2017-0160 -- Critical
  • KB4014983 -- Microsoft .NET Framework 4.6/4.6.1 -- Windows Server 2012 R2 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 2.0 Service Pack 2 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 2.0 Service Pack 2 -- Windows Server 2008 for Itanium-Based Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 2.0 Service Pack 2 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 2.0 Service Pack 2 -- Windows Vista Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 2.0 Service Pack 2 -- Windows Vista x64 Edition Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.5.2 -- Windows 7 for 32-bit Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.5.2 -- Windows 7 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.5.2 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.6 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.6 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.6 -- Windows Vista Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4014984 -- Microsoft .NET Framework 4.6 -- Windows Vista x64 Edition Service Pack 2 -- CVE-2017-0160 -- Critical
  • KB4015067 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Server 2008 for Itanium-Based Systems Service Pack 2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Server 2008 for x64-based Systems Service Pack 2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Vista Service Pack 2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015067 -- Windows Vista x64 Edition Service Pack 2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015217 -- Internet Explorer 11 -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0202 -- Critical
  • KB4015217 -- Internet Explorer 11 -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0202 -- Critical
  • KB4015217 -- Internet Explorer 11 -- Windows Server 2016 -- CVE-2017-0202 -- Critical
  • KB4015217 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 3.5 -- Windows Server 2016 -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 3.5 -- Windows Server 2016 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 4.6.2 -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 4.6.2 -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2016 -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft .NET Framework 4.6.2 -- Windows Server 2016 (Server Core installation) -- CVE-2017-0160 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0093 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0200 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for 32-bit Systems -- CVE-2017-0205 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0093 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0200 -- Critical
  • KB4015217 -- Microsoft Edge -- Windows 10 Version 1607 for x64-based Systems -- CVE-2017-0205 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for 32-bit Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for x64-based Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for x64-based Systems -- N/A -- CVE-2017-0162 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for x64-based Systems -- N/A -- CVE-2017-0163 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for x64-based Systems -- N/A -- CVE-2017-0180 -- Critical
  • KB4015217 -- Windows 10 Version 1607 for x64-based Systems -- N/A -- CVE-2017-0181 -- Critical
  • KB4015217 -- Windows Server 2016 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015217 -- Windows Server 2016 -- N/A -- CVE-2017-0162 -- Critical
  • KB4015217 -- Windows Server 2016 -- N/A -- CVE-2017-0163 -- Critical
  • KB4015217 -- Windows Server 2016 -- N/A -- CVE-2017-0180 -- Critical
  • KB4015217 -- Windows Server 2016 -- N/A -- CVE-2017-0181 -- Critical
  • KB4015217 -- Windows Server 2016 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015217 -- Windows Server 2016 (Server Core installation) -- N/A -- CVE-2017-0162 -- Critical
  • KB4015217 -- Windows Server 2016 (Server Core installation) -- N/A -- CVE-2017-0163 -- Critical
  • KB4015217 -- Windows Server 2016 (Server Core installation) -- N/A -- CVE-2017-0180 -- Critical
  • KB4015217 -- Windows Server 2016 (Server Core installation) -- N/A -- CVE-2017-0181 -- Critical
  • KB4015219 -- Internet Explorer 11 -- Windows 10 Version 1511 for 32-bit Systems -- CVE-2017-0202 -- Critical
  • KB4015219 -- Internet Explorer 11 -- Windows 10 Version 1511 for x64-based Systems -- CVE-2017-0202 -- Critical
  • KB4015219 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1511 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015219 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1511 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015219 -- Microsoft .NET Framework 4.6.1 -- Windows 10 Version 1511 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015219 -- Microsoft .NET Framework 4.6.1 -- Windows 10 Version 1511 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015219 -- Microsoft Edge -- Windows 10 Version 1511 for 32-bit Systems -- CVE-2017-0093 -- Critical
  • KB4015219 -- Microsoft Edge -- Windows 10 Version 1511 for 32-bit Systems -- CVE-2017-0205 -- Critical
  • KB4015219 -- Microsoft Edge -- Windows 10 Version 1511 for x64-based Systems -- CVE-2017-0093 -- Critical
  • KB4015219 -- Microsoft Edge -- Windows 10 Version 1511 for x64-based Systems -- CVE-2017-0205 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for 32-bit Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for x64-based Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for x64-based Systems -- N/A -- CVE-2017-0162 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for x64-based Systems -- N/A -- CVE-2017-0163 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for x64-based Systems -- N/A -- CVE-2017-0180 -- Critical
  • KB4015219 -- Windows 10 Version 1511 for x64-based Systems -- N/A -- CVE-2017-0181 -- Critical
  • KB4015221 -- Internet Explorer 11 -- Windows 10 for 32-bit Systems -- CVE-2017-0202 -- Critical
  • KB4015221 -- Internet Explorer 11 -- Windows 10 for x64-based Systems -- CVE-2017-0202 -- Critical
  • KB4015221 -- Microsoft .NET Framework 3.5 -- Windows 10 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015221 -- Microsoft .NET Framework 3.5 -- Windows 10 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015221 -- Microsoft .NET Framework 4.6 -- Windows 10 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015221 -- Microsoft .NET Framework 4.6 -- Windows 10 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015221 -- Windows 10 for 32-bit Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015221 -- Windows 10 for x64-based Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015221 -- Windows 10 for x64-based Systems -- N/A -- CVE-2017-0162 -- Critical
  • KB4015221 -- Windows 10 for x64-based Systems -- N/A -- CVE-2017-0163 -- Critical
  • KB4015221 -- Windows 10 for x64-based Systems -- N/A -- CVE-2017-0180 -- Critical
  • KB4015221 -- Windows 10 for x64-based Systems -- N/A -- CVE-2017-0181 -- Critical
  • KB4015549 -- Windows 7 for 32-bit Systems Service Pack 1 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015549 -- Windows 7 for x64-based Systems Service Pack 1 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 -- N/A -- CVE-2017-0180 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- N/A -- CVE-2017-0163 -- Critical
  • KB4015549 -- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) -- N/A -- CVE-2017-0180 -- Critical
  • KB4015550 -- Internet Explorer 11 -- Windows 8.1 for 32-bit systems -- CVE-2017-0202 -- Critical
  • KB4015550 -- Internet Explorer 11 -- Windows 8.1 for x64-based systems -- CVE-2017-0202 -- Critical
  • KB4015550 -- Internet Explorer 11 -- Windows RT 8.1 -- CVE-2017-0202 -- Critical
  • KB4015550 -- Internet Explorer 11 -- Windows Server 2012 R2 -- CVE-2017-0202 -- Critical
  • KB4015550 -- Windows 8.1 for 32-bit systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015550 -- Windows 8.1 for x64-based systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015550 -- Windows 8.1 for x64-based systems -- N/A -- CVE-2017-0162 -- Critical
  • KB4015550 -- Windows 8.1 for x64-based systems -- N/A -- CVE-2017-0163 -- Critical
  • KB4015550 -- Windows 8.1 for x64-based systems -- N/A -- CVE-2017-0180 -- Critical
  • KB4015550 -- Windows RT 8.1 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015550 -- Windows Server 2012 R2 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015550 -- Windows Server 2012 R2 -- N/A -- CVE-2017-0162 -- Critical
  • KB4015550 -- Windows Server 2012 R2 -- N/A -- CVE-2017-0163 -- Critical
  • KB4015550 -- Windows Server 2012 R2 -- N/A -- CVE-2017-0180 -- Critical
  • KB4015550 -- Windows Server 2012 R2 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015550 -- Windows Server 2012 R2 (Server Core installation) -- N/A -- CVE-2017-0162 -- Critical
  • KB4015550 -- Windows Server 2012 R2 (Server Core installation) -- N/A -- CVE-2017-0163 -- Critical
  • KB4015550 -- Windows Server 2012 R2 (Server Core installation) -- N/A -- CVE-2017-0180 -- Critical
  • KB4015551 -- Internet Explorer 10 -- Windows Server 2012 -- CVE-2017-0201 -- Critical
  • KB4015551 -- Windows Server 2012 -- N/A -- CVE-2017-0158 -- Critical
  • KB4015551 -- Windows Server 2012 -- N/A -- CVE-2017-0163 -- Critical
  • KB4015551 -- Windows Server 2012 -- N/A -- CVE-2017-0180 -- Critical
  • KB4015551 -- Windows Server 2012 (Server Core installation) -- N/A -- CVE-2017-0158 -- Critical
  • KB4015551 -- Windows Server 2012 (Server Core installation) -- N/A -- CVE-2017-0163 -- Critical
  • KB4015551 -- Windows Server 2012 (Server Core installation) -- N/A -- CVE-2017-0180 -- Critical
  • KB4015583 -- Internet Explorer 11 -- Windows 10 Version 1703 for 32-bit Systems -- CVE-2017-0202 -- Critical
  • KB4015583 -- Internet Explorer 11 -- Windows 10 Version 1703 for x64-based Systems -- CVE-2017-0202 -- Critical
  • KB4015583 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1703 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015583 -- Microsoft .NET Framework 3.5 -- Windows 10 Version 1703 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015583 -- Microsoft .NET Framework 4.7 -- Windows 10 Version 1703 for 32-bit Systems -- CVE-2017-0160 -- Critical
  • KB4015583 -- Microsoft .NET Framework 4.7 -- Windows 10 Version 1703 for x64-based Systems -- CVE-2017-0160 -- Critical
  • KB4015583 -- Microsoft Edge -- Windows 10 Version 1703 for 32-bit Systems -- CVE-2017-0093 -- Critical
  • KB4015583 -- Microsoft Edge -- Windows 10 Version 1703 for 32-bit Systems -- CVE-2017-0205 -- Critical
  • KB4015583 -- Microsoft Edge -- Windows 10 Version 1703 for x64-based Systems -- CVE-2017-0093 -- Critical
  • KB4015583 -- Microsoft Edge -- Windows 10 Version 1703 for x64-based Systems -- CVE-2017-0205 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for 32-bit Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for x64-based Systems -- N/A -- CVE-2017-0158 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for x64-based Systems -- N/A -- CVE-2017-0162 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for x64-based Systems -- N/A -- CVE-2017-0163 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for x64-based Systems -- N/A -- CVE-2017-0180 -- Critical
  • KB4015583 -- Windows 10 Version 1703 for x64-based Systems -- N/A -- CVE-2017-0181 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 for 32-bit Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 for x64-based Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1511 for 32-bit Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1511 for x64-based Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1607 for 32-bit Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1607 for x64-based Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1703 for 32-bit Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 10 Version 1703 for x64-based Systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 8.1 for 32-bit systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows 8.1 for x64-based systems -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows RT 8.1 -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows Server 2012 -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows Server 2012 R2 -- 2017-3447 -- Critical
  • KB4018483 -- Adobe Flash Player -- Windows Server 2016 -- 2017-3447 -- Critical
 Brad

367 Posts
ISC Handler
Apr 11th 2017
Subscribe Apr 11th 2017
3 years ago
good lord
 TuggDougins

37 Posts
Quote Apr 11th 2017
3 years ago
I did not see any any notification they were retiring the MSxx-xxx bulletin grouping designation. I would have highly recommended they at least replace the MSxx-xxx designation with the actual CVE-xxxx-xxxx designation. Approving updates without grouping in SCCM is going to be a monthly eye chart test.
 Anonymous
Quote Apr 12th 2017
3 years ago
I agree. I've had a hard time trying to group these together for a more coherent read.
 Brad

367 Posts
ISC Handler
Quote Apr 12th 2017
3 years ago
Same here but here are some tips:

https://github.com/Microsoft/MSRC-Microsoft-Security-Updates-API


https://portal.msrc.microsoft.com/en-us/developer


Example of the output for the html module:
This report contains detail for the following vulnerabilities:
•CVE-2017-0158 - Scripting Engine Memory Corruption Vulnerability
•CVE-2013-6629 - libjpeg Information Disclosure Vulnerability
•CVE-2017-0178 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0179 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0180 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0181 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0182 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0183 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0184 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0185 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0186 - Hyper-V Denial of Service Vulnerability
•CVE-2017-0188 - Win32k Information Disclosure Vulnerability
•CVE-2017-0189 - Win32k Elevation of Privilege Vulnerability
•CVE-2017-0191 - Windows Denial of Service Vulnerability
•CVE-2017-0192 - ATMFD.dll Information Disclosure Vulnerability
•CVE-2017-0195 - Microsoft Office XSS Elevation of Privilege Vulnerability
•CVE-2017-0197 - Office DLL Loading Vulnerability
•CVE-2017-0199 - Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API
•CVE-2017-0207 - Microsoft Office Spoofing Vulnerability
•2017-2605 - Defense-in-Depth Update for Microsoft Office
•CVE-2017-0210 - Internet Explorer Elevation of Privilege Vulnerability
•CVE-2017-0058 - Win32k Information Disclosure Vulnerability
•CVE-2017-0093 - Scripting Engine Memory Corruption Vulnerability
•CVE-2017-0106 - Microsoft Outlook Remote Code Execution Vulnerability
•CVE-2017-0155 - Windows Graphics Elevation of Privilege Vulnerability
•CVE-2017-0156 - Windows Graphics Component Elevation of Privilege Vulnerability
•CVE-2017-0159 - ADFS Security Feature Bypass Vulnerability
•CVE-2017-0160 - .NET Remote Code Execution Vulnerability
•CVE-2017-0162 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0163 - Hyper-V Remote Code Execution Vulnerability
•CVE-2017-0164 - Active Directory Denial of Service Vulnerability
•CVE-2017-0165 - Windows Elevation of Privilege Vulnerability
•CVE-2017-0166 - LDAP Elevation of Privilege Vulnerability
•CVE-2017-0167 - Windows Kernel Information Disclosure Vulnerability
•CVE-2017-0168 - Hyper-V Information Disclosure Vulnerability
•CVE-2017-0169 - Hyper-V Information Disclosure Vulnerability
•CVE-2017-0194 - Microsoft Office Memory Corruption Vulnerability
•CVE-2017-0200 - Microsoft Edge Memory Corruption Vulnerability
•CVE-2017-0201 - Scripting Engine Memory Corruption Vulnerability
•CVE-2017-0202 - Internet Explorer Memory Corruption Vulnerability
•CVE-2017-0203 - Microsoft Edge Security Feature Bypass Vulnerability
•CVE-2017-0204 - Microsoft Office Security Feature Bypass Vulnerability
•CVE-2017-0205 - Microsoft Edge Memory Corruption Vulnerability
•2017-3447 - April Flash Security Update
•CVE-2017-0208 - Scripting Engine Information Disclosure Vulnerability
•CVE-2017-0211 - Windows OLE Elevation of Privilege Vulnerability
 EricLauzon

3 Posts
Quote Apr 12th 2017
3 years ago
You can group by CVE, but you have to add the "Details" field to the view on the security guidance list.
 jbmartin6

20 Posts
Quote Apr 12th 2017
3 years ago
Interesting that for both the monthy & security-only rollups:
2017-04 Security-only update - KB4015546
2017-04 Monthly Rollup - KB4015549
They warn that (known issues)
"If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates."

*ack*
 Anonymous
Quote Apr 12th 2017
3 years ago
To save others some time - this worked for me. Provides a "Microsoft Security Bulletin Summary" html file. Instead of MS bulletin numbers it is the CVEs.

Get an APIkey from Microsoft at https://portal.msrc.microsoft.com/en-us/developer
In an elevated powershell - Install-Module -name msrcsecurityupdates

After the module is installed the rest can be run without admin rights. just replace the APIkey 999 below with the one you got from Microsoft.

import-module -name msrcsecurityupdates -force
set-msrcapikey -apikey "999" -verbose
get-msrccvrfdocument -id 2017-apr | get-msrcsecuritybulletinhtml > msrc-2017-04.html
 Charles

1 Posts
Quote Apr 13th 2017
3 years ago
You only need to install the module in an elevated prompt if you want other users on the system to use the module. You can use "-Scope CurrentUser" with Install-Module to simply add it to your own profile using normal privileges.
 jbmartin6

20 Posts
Quote Apr 18th 2017
3 years ago
If you want the list of patches listed for a specific CVE you can try this
https://portal.msrc.microsoft.com/en-US/security-guidance
Type in the CVE in the search.
It can also export it as an .xlsx file, complete with web links to the applicable patches.
 Michael

32 Posts
Quote Apr 22nd 2017
3 years ago

Sign Up for Free or Log In to start participating in the conversation!