Today’s VERT Alert addresses the Microsoft July 2017 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-733 on Wednesday, July 12th.
In-The-Wild & Disclosed CVEs
CVE-2017-8584
In a Patch Tuesday first, we have a HoloLens code execution vulnerability. This vulnerability impacts Windows 10 and Server 2016 and could allow a successful attacker user access to a system via a malicious WiFi packet. Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely).
CVE-2017-8611
This vulnerability describes an issue that occurs when Microsoft Edge fails to properly parse HTTP content. Improper parsing of malicious data could lead to exploitation of vulnerability that would allow content spoofing. Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely).
CVE-2017-8587
A denial of service exists that could cause a system to stop responding if an attempt is made to open a non-existent file. While the issue exists within Windows Explorer, an attack could include visiting a malicious website that references the non-existent file. Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).
CVE-2017-8602
This vulnerability is similar in description to CVE-2017-8611 but affects both Microsoft Edge and Microsoft Internet Explorer. Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).
FYI Vulnerabilities
While many of the issues fixed today are typical for Patch Tuesday, there are a few that are worth highlighting.
CVE-2017-8563
It is worth calling attention to this vulnerability that allow for privilege escalation when falling back from Kerberos to NTLM authentication. After applying this patch to clients, an additional change must be made to the Domain Controller to actually mitigate the vulnerability. Without the patch, the mitigation will break authentication and without the mitigation the vulnerability will persist. Microsoft has released KB4034879 to detail how to implement this solution.
Windows 10 Version 1703
Microsoft has announced a major revision increment for a number of vulnerabilities and a security bulletin that impact Windows 10 Version 1703. There are older patches that users may need to install to ensure their 1703 installations are up-to-date. This includes CVE-2016-3305 (MS16-111) and CVE-2017-8543.
Other Information
In addition to the Microsoft vulnerabilities included in the July Security Guidance, a security advisory was also published.
July Flash Security Update [ADV170009]
Microsoft has published an advisory for the July Adobe Flash Security Update (APSB17-21). This includes updates for the following vulnerabilities: CVE-2017-3099, CVE-2017-3080, CVE-2017-3100.