Today’s VERT Alert addresses 4 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-706 on Wednesday, January 11th.
Ease of Use (published exploits) to Risk Table
Automated Exploit | |
Easy | MS17-001 |
Moderate | |
Difficult | |
Extremely Difficult | MS17-004 |
No Known Exploit | MS17-002, MS17-003 |
Exposure | Local Availability | Local Access | Remote Availability | Remote Access | Local Privileged | Remote Privileged |
MS17-001 | Security Update for Microsoft Edge | KB3214288 |
MS17-002 | Security Update for Microsoft Office | KB3214291 |
MS17-003 | Security Update for Adobe Flash Player | KB3214628 |
MS17-004 | Security Update for Local Security Authority Subsystem Service | KB3216771 |
MS17-001
Microsoft is starting off 2017 with a minimal set of patches – 4 bulletins and 15 CVEs, 12 of which are Flash related. The first bulletin this month resolves a single vulnerability in Microsoft Edge and, since this vulnerability is Edge specific, it means we don’t have an IE bulletin this month. The vulnerability is an elevation of privilege created by a lack of cross-domain policy enforcement with the about:blank page. CVE-2017-0002 was publicly disclosed.
MS17-002
The second bulletin this month addresses a single vulnerability in Microsoft Word and SharePoint Enterprise Server 2016 that could allow code execution when opening malicious files.
MS17-003
The penultimate update this month is the companion update to APSB17-02. This update resolves a dozen vulnerabilities affecting Adobe Flash.
MS17-004
The final bulletin this month is an unauthenticated denial of service vulnerability in the Local Security Authority Subsystem Service, better known as LSASS. A malicious authentication request could result in the targeted system crashing. CVE-2017-0004 was publicly disclosed.
As always, VERT recommends that you apply all the patches as soon as possible but also that you fully vet patches (when possible) before applying them to production systems.