Microsoft patch update released for multiple issues fix – eScan

Emergency Patch Released

Emergency Patch Released

Microsoft patch released for October 2017  as per its monthly update trend. Microsoft patch claimed to have fixed almost sixty-seven security issues including zero-day threats. Microsoft patch includes the bugs in applications like the Windows OS, Internet Explorer, Microsoft Edge, Skype for Business and the Chakra Core browser engine. The most crucial among them is a zero-day threat which got disclosed publicly to attack live targets. Microsoft’s release of patch fixes that too.

The vulnerability of CVE-2017-11826 (as shown in the below list) is an RCE (Remote Code Execution) bug that targets MS Word. Two other bugs namely CVE-2017-8703 and CVE-2017-11777 were undetected in live attacks and became public. Here is the table of all 62 security issues fixed in this month.

Microsoft patch released:

Tag CVE ID CVE Title
Device Guard CVE-2017-8715 Windows Security Feature Bypass Vulnerability
Device Guard CVE-2017-11823 Microsoft Windows Security Feature Bypass
Internet Explorer CVE-2017-11790 Internet Explorer Information Disclosure Vulnerability
Internet Explorer CVE-2017-11810 Scripting Engine Memory Corruption Vulnerability
Internet Explorer CVE-2017-11822 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2017-11813 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8726 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2017-11794 Microsoft Edge Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-11816 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-11763 Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2017-11762 Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2017-11824 Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2017-8693 Microsoft Graphics Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2017-8718 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine CVE-2017-8717 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office CVE-2017-11776 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office CVE-2017-11775 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office CVE-2017-11774 Microsoft Outlook Security Feature Bypass Vulnerability
Microsoft Office CVE-2017-11777 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office CVE-2017-11826 Microsoft Office Memory Corruption Vulnerability
Microsoft Office CVE-2017-11825 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office ADV170017 Office Defense in Depth Update
Microsoft Office CVE-2017-11786 Skype for Business Elevation of Privilege Vulnerability
Microsoft Office CVE-2017-11820 Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting Engine CVE-2017-11798 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11799 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11809 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11796 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11797 Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2017-11806 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11800 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11808 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11807 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11805 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11804 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11811 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11801 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11802 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11812 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11821 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11793 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11792 Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2017-11818 Windows Storage Security Feature Bypass Vulnerability
Microsoft Windows ADV170016 Windows Server 2008 Defense in Depth
Microsoft Windows CVE-2017-11783 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2017-11769 TRIE Remote Code Execution Vulnerability
Microsoft Windows DNS CVE-2017-11779 Windows DNSAPI Remote Code Execution Vulnerability
Microsoft Windows Search Component CVE-2017-11772 Microsoft Search Information Disclosure Vulnerability
Microsoft Windows Search Component CVE-2017-11771 Windows Search Remote Code Execution Vulnerability
Windows Kernel CVE-2017-11784 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-11817 Windows Information Disclosure Vulnerability
Windows Kernel CVE-2017-11814 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-11765 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-11785 Windows Kernel Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8694 Win32k Elevation of Privilege Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8689 Win32k Elevation of Privilege Vulnerability
Windows NTLM ADV170014 Optional Windows NTLM SSO authentication changes
Windows Shell CVE-2017-8727 Windows Shell Memory Corruption Vulnerability
Windows Shell CVE-2017-11819 Windows Shell Remote Code Execution Vulnerability
Windows SMB Server CVE-2017-11815 Windows SMB Information Disclosure Vulnerability
Windows SMB Server CVE-2017-11782 Windows SMB Elevation of Privilege Vulnerability
Windows SMB Server CVE-2017-11781 Windows SMB Denial of Service Vulnerability
Windows SMB Server CVE-2017-11780 Windows SMB Remote Code Execution Vulnerability
Windows Subsystem for Linux CVE-2017-8703 Windows Subsystem for Linux Denial of Service Vulnerability
Windows TPM ADV170012 Vulnerability in TPM could allow Security Feature Bypass
Windows Update CVE-2017-11829 Windows Update Delivery Optimization Elevation of Privilege Vulnerability

Read more – Blog eScan

This entry was posted in eScan 11, eScan 14, MailScan, Security and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *