Microsoft Patch Tuesday September 2017
Below we do have our quick summary table for today's Microsoft patches. I am still working on getting this set up a bit better based on the new Microsoft patch Tuesday process.
Title | CVE | ||
---|---|---|---|
Publicly Disclosed? | Exploited? | Impact | Rating |
.NET Framework Remote Code Execution Vulnerability | CVE-2017-8759 | ||
Not Publicly Disclosed | Exploited! | Remote Code Execution | Important |
Broadcom BCM43xx Remote Code Execution Vulnerability | CVE-2017-9417 | ||
Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Device Guard Security Feature Bypass Vulnerability | CVE-2017-8746 | ||
Publicly Disclosed | Not Exploited | Security Feature Bypass | Important |
Graphics Component Information Disclosure Vulnerability | CVE-2017-8695 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Hyper-V Denial of Service Vulnerability | CVE-2017-8704 | ||
Not Publicly Disclosed | Not Exploited | Denial of Service | Important |
Hyper-V Information Disclosure Vulnerability | CVE-2017-8706 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Hyper-V Information Disclosure Vulnerability | CVE-2017-8707 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Hyper-V Information Disclosure Vulnerability | CVE-2017-8711 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Hyper-V Information Disclosure Vulnerability | CVE-2017-8712 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Hyper-V Information Disclosure Vulnerability | CVE-2017-8713 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Internet Explorer Memory Corruption Vulnerability | CVE-2017-8747 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Internet Explorer Memory Corruption Vulnerability | CVE-2017-8749 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Internet Explorer Spoofing Vulnerability | CVE-2017-8733 | ||
Not Publicly Disclosed | Not Exploited | Spoofing | Important |
Microsoft Bluetooth Driver Spoofing Vulnerability | CVE-2017-8628 | ||
Not Publicly Disclosed | Not Exploited | Spoofing | Important |
Microsoft Browser Information Disclosure Vulnerability | CVE-2017-8736 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Microsoft Browser Memory Corruption Vulnerability | CVE-2017-8750 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Information Disclosure Vulnerability | CVE-2017-8597 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Microsoft Edge Information Disclosure Vulnerability | CVE-2017-8643 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Microsoft Edge Information Disclosure Vulnerability | CVE-2017-8648 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Microsoft Edge Memory Corruption Vulnerability | CVE-2017-11766 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Memory Corruption Vulnerability | CVE-2017-8731 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Memory Corruption Vulnerability | CVE-2017-8734 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Memory Corruption Vulnerability | CVE-2017-8751 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Remote Code Execution Vulnerability | CVE-2017-8757 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Edge Security Feature Bypass Vulnerability | CVE-2017-8723 | ||
Publicly Disclosed | Not Exploited | Security Feature Bypass | Moderate |
Microsoft Edge Security Feature Bypass Vulnerability | CVE-2017-8754 | ||
Not Publicly Disclosed | Not Exploited | Security Feature Bypass | Important |
Microsoft Edge Spoofing Vulnerability | CVE-2017-8724 | ||
Not Publicly Disclosed | Not Exploited | Spoofing | Important |
Microsoft Edge Spoofing Vulnerability | CVE-2017-8735 | ||
Not Publicly Disclosed | Not Exploited | Spoofing | Moderate |
Microsoft Exchange Cross-Site Scripting Vulnerability | CVE-2017-8758 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
Microsoft Exchange Information Disclosure Vulnerability | CVE-2017-11761 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Microsoft Graphics Component Remote Code Execution | CVE-2017-8696 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft Office Defense in Depth Update | ADV170015 | ||
Publicly Disclosed | Exploited! | Defense in Depth | N/A |
Microsoft Office Memory Corruption Vulnerability | CVE-2017-8630 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft Office Memory Corruption Vulnerability | CVE-2017-8631 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft Office Memory Corruption Vulnerability | CVE-2017-8632 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft Office Memory Corruption Vulnerability | CVE-2017-8744 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft Office Publisher Remote Code Execution | CVE-2017-8725 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft Office Remote Code Execution | CVE-2017-8567 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Microsoft PDF Remote Code Execution Vulnerability | CVE-2017-8728 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft PDF Remote Code Execution Vulnerability | CVE-2017-8737 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Microsoft SharePoint Cross Site Scripting Vulnerability | CVE-2017-8745 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
Microsoft SharePoint XSS Vulnerability | CVE-2017-8629 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
NetBIOS Remote Code Execution Vulnerability | CVE-2017-0161 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
PowerPoint Remote Code Execution Vulnerability | CVE-2017-8742 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
PowerPoint Remote Code Execution Vulnerability | CVE-2017-8743 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Remote Desktop Virtual Host Remote Code Execution Vulnerability | CVE-2017-8714 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Scripting Engine Information Disclosure Vulnerability | CVE-2017-8739 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-11764 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8649 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8660 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8729 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8738 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8740 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8741 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8748 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8752 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8753 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8755 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Scripting Engine Memory Corruption Vulnerability | CVE-2017-8756 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
September 2017 Flash Security Update | ADV170013 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Uniscribe Remote Code Execution Vulnerability | CVE-2017-8692 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
Win32k Elevation of Privilege Vulnerability | CVE-2017-8675 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
Win32k Elevation of Privilege Vulnerability | CVE-2017-8720 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
Win32k Graphics Information Disclosure Vulnerability | CVE-2017-8683 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Win32k Graphics Remote Code Execution Vulnerability | CVE-2017-8682 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Win32k Information Disclosure Vulnerability | CVE-2017-8677 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Win32k Information Disclosure Vulnerability | CVE-2017-8678 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Win32k Information Disclosure Vulnerability | CVE-2017-8680 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Win32k Information Disclosure Vulnerability | CVE-2017-8681 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Win32k Information Disclosure Vulnerability | CVE-2017-8687 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows DHCP Server Remote Code Execution Vulnerability | CVE-2017-8686 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Critical |
Windows Elevation of Privilege Vulnerability | CVE-2017-8702 | ||
Not Publicly Disclosed | Not Exploited | Elevation of Privilege | Important |
Windows GDI+ Information Disclosure Vulnerability | CVE-2017-8676 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Critical |
Windows GDI+ Information Disclosure Vulnerability | CVE-2017-8684 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows GDI+ Information Disclosure Vulnerability | CVE-2017-8685 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows GDI+ Information Disclosure Vulnerability | CVE-2017-8688 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Information Disclosure Vulnerability | CVE-2017-8710 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Kernel Information Disclosure Vulnerability | CVE-2017-8679 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Kernel Information Disclosure Vulnerability | CVE-2017-8708 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Kernel Information Disclosure Vulnerability | CVE-2017-8709 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Kernel Information Disclosure Vulnerability | CVE-2017-8719 | ||
Not Publicly Disclosed | Not Exploited | Information Disclosure | Important |
Windows Security Feature Bypass Vulnerability | CVE-2017-8716 | ||
Not Publicly Disclosed | Not Exploited | Security Feature Bypass | Important |
Windows Shell Remote Code Execution Vulnerability | CVE-2017-8699 | ||
Not Publicly Disclosed | Not Exploited | Remote Code Execution | Important |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
Keywords:
9 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments
example : 2017-09 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4038777)
Anonymous
Sep 13th 2017
7 years ago
Anonymous
Sep 13th 2017
7 years ago
Anonymous
Sep 13th 2017
7 years ago
Anonymous
Sep 13th 2017
7 years ago
Thanks!
Anonymous
Sep 13th 2017
7 years ago
Anonymous
Sep 13th 2017
7 years ago
Can we also have the colour coding on the rating and exploited column (red/amber/green) back too please?
Anonymous
Sep 14th 2017
7 years ago
Anonymous
Sep 14th 2017
7 years ago
Anonymous
Sep 14th 2017
7 years ago