Microsoft patch update released for multiple issues fix

Microsoft patch released for October 2017 as per its monthly update trend. Microsoft patch claimed to have fixed almost sixty-seven security issues including zero-day threats. Microsoft patch includes the bugs in applications like the Windows OS, Internet Explorer, Microsoft Edge, Skype for Business and the Chakra Core browser engine. The most crucial among them is a zero-day threat which got disclosed publicly to attack live targets. Microsoft’s release of patch fixes that too.

The vulnerability of CVE-2017-11826 (as shown in the below list) is an RCE (Remote Code Execution) bug that targets MS Word. Two other bugs namely CVE-2017-8703 and CVE-2017-11777 were undetected in live attacks and became public. Here is the table of all 62 security issues fixed in this month.

Microsoft patch released:

Tag	CVE ID	CVE Title
Device Guard	CVE-2017-8715	Windows Security Feature Bypass Vulnerability
Device Guard	CVE-2017-11823	Microsoft Windows Security Feature Bypass
Internet Explorer	CVE-2017-11790	Internet Explorer Information Disclosure Vulnerability
Internet Explorer	CVE-2017-11810	Scripting Engine Memory Corruption Vulnerability
Internet Explorer	CVE-2017-11822	Internet Explorer Memory Corruption Vulnerability
Internet Explorer	CVE-2017-11813	Internet Explorer Memory Corruption Vulnerability
Microsoft Edge	CVE-2017-8726	Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge	CVE-2017-11794	Microsoft Edge Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2017-11816	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2017-11763	Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2017-11762	Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2017-11824	Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Graphics Component	CVE-2017-8693	Microsoft Graphics Information Disclosure Vulnerability
Microsoft JET Database Engine	CVE-2017-8718	Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2017-8717	Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office	CVE-2017-11776	Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office	CVE-2017-11775	Microsoft Office SharePoint XSS Vulnerability
Microsoft Office	CVE-2017-11774	Microsoft Outlook Security Feature Bypass Vulnerability
Microsoft Office	CVE-2017-11777	Microsoft Office SharePoint XSS Vulnerability
Microsoft Office	CVE-2017-11826	Microsoft Office Memory Corruption Vulnerability
Microsoft Office	CVE-2017-11825	Microsoft Office Remote Code Execution Vulnerability
Microsoft Office	ADV170017	Office Defense in Depth Update
Microsoft Office	CVE-2017-11786	Skype for Business Elevation of Privilege Vulnerability
Microsoft Office	CVE-2017-11820	Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting Engine	CVE-2017-11798	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11799	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11809	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11796	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11797	Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine	CVE-2017-11806	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11800	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11808	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11807	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11805	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11804	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11811	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11801	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11802	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11812	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11821	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11793	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2017-11792	Scripting Engine Memory Corruption Vulnerability
Microsoft Windows	CVE-2017-11818	Windows Storage Security Feature Bypass Vulnerability
Microsoft Windows	ADV170016	Windows Server 2008 Defense in Depth
Microsoft Windows	CVE-2017-11783	Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2017-11769	TRIE Remote Code Execution Vulnerability
Microsoft Windows DNS	CVE-2017-11779	Windows DNSAPI Remote Code Execution Vulnerability
Microsoft Windows Search Component	CVE-2017-11772	Microsoft Search Information Disclosure Vulnerability
Microsoft Windows Search Component	CVE-2017-11771	Windows Search Remote Code Execution Vulnerability
Windows Kernel	CVE-2017-11784	Windows Kernel Information Disclosure Vulnerability
Windows Kernel	CVE-2017-11817	Windows Information Disclosure Vulnerability
Windows Kernel	CVE-2017-11814	Windows Kernel Information Disclosure Vulnerability
Windows Kernel	CVE-2017-11765	Windows Kernel Information Disclosure Vulnerability
Windows Kernel	CVE-2017-11785	Windows Kernel Information Disclosure Vulnerability
Windows Kernel-Mode Drivers	CVE-2017-8694	Win32k Elevation of Privilege Vulnerability
Windows Kernel-Mode Drivers	CVE-2017-8689	Win32k Elevation of Privilege Vulnerability
Windows NTLM	ADV170014	Optional Windows NTLM SSO authentication changes
Windows Shell	CVE-2017-8727	Windows Shell Memory Corruption Vulnerability
Windows Shell	CVE-2017-11819	Windows Shell Remote Code Execution Vulnerability
Windows SMB Server	CVE-2017-11815	Windows SMB Information Disclosure Vulnerability
Windows SMB Server	CVE-2017-11782	Windows SMB Elevation of Privilege Vulnerability
Windows SMB Server	CVE-2017-11781	Windows SMB Denial of Service Vulnerability
Windows SMB Server	CVE-2017-11780	Windows SMB Remote Code Execution Vulnerability
Windows Subsystem for Linux	CVE-2017-8703	Windows Subsystem for Linux Denial of Service Vulnerability
Windows TPM	ADV170012	Vulnerability in TPM could allow Security Feature Bypass
Windows Update	CVE-2017-11829	Windows Update Delivery Optimization Elevation of Privilege Vulnerability

Topic of Discussion this CSAM: Vulnerability vs Risk – eScan

Chinese phones are a hazard for India – eScan

Related Articles

Newsletter

Popular Posts

Preyed to Pay: Video Traps

Disclosure : Router based DNS MITM Attack

‘Work From Home’ Scams – A Business of Fake Opportunities

Archives

Categories

Microsoft patch update released for multiple issues fix – eScan