MS Batch of Update Released
Microsoft has released a large batch of updates to vulnerabilities as part of its Patch Tuesday for the month of November 2017.
The vulnerabilities existing in the following products have been addressed
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- NET Core and .NET Core
- Chakra Core
| Details | Product Family | Severity | Impact |
| ADV170018 | Adobe | Critical | Remote Code Execution |
| ADV170019 | Adobe | Critical | Remote Code Execution |
| ADV170020 | Microsoft Office | None | Defense in Depth |
| CVE-2017-11768 | Windows | Important | Information Disclosure |
| CVE-2017-11770 | Development Tools | Important | Denial of Service |
| CVE-2017-11788 | Windows | Important | Denial of Service |
| CVE-2017-11791 | Browser | Important | Information Disclosure |
| CVE-2017-11803 | Browser | Important | Information Disclosure |
| CVE-2017-11827 | Browser | Important | Remote Code Execution |
| CVE-2017-11830 | Windows | Important | Security Feature Bypass |
| CVE-2017-11831 | Windows | Important | Information Disclosure |
| CVE-2017-11832 | Windows | Important | Information Disclosure |
| CVE-2017-11833 | Browser | Important | Information Disclosure |
| CVE-2017-11834 | Browser | Important | Information Disclosure |
| CVE-2017-11835 | Windows | Important | Information Disclosure |
| CVE-2017-11836 | Browser | Critical | Remote Code Execution |
| CVE-2017-11837 | Browser | Critical | Remote Code Execution |
| CVE-2017-11838 | Browser | Critical | Remote Code Execution |
| CVE-2017-11839 | Browser | Critical | Remote Code Execution |
| CVE-2017-11840 | Browser | Critical | Remote Code Execution |
| CVE-2017-11841 | Browser | Critical | Remote Code Execution |
| CVE-2017-11842 | Windows | Important | Information Disclosure |
| CVE-2017-11843 | Browser | Critical | Remote Code Execution |
| CVE-2017-11844 | Browser | Important | Information Disclosure |
| CVE-2017-11845 | Browser | Critical | Remote Code Execution |
| CVE-2017-11846 | Browser | Critical | Remote Code Execution |
| CVE-2017-11847 | Windows | Important | Elevation of Privilege |
| CVE-2017-11848 | Browser | Low | Information Disclosure |
| CVE-2017-11849 | Windows | Important | Information Disclosure |
| CVE-2017-11850 | Windows | Important | Information Disclosure |
| CVE-2017-11851 | Windows | Important | Information Disclosure |
| CVE-2017-11852 | Windows | Important | Information Disclosure |
| CVE-2017-11853 | Windows | Important | Information Disclosure |
| CVE-2017-11854 | Microsoft Office | Important | Remote Code Execution |
| CVE-2017-11855 | Browser | Critical | Remote Code Execution |
| CVE-2017-11855 | Browser | Moderate | Remote Code Execution |
| CVE-2017-11856 | Browser | Critical | Remote Code Execution |
| CVE-2017-11858 | Browser | Critical | Remote Code Execution |
| CVE-2017-11861 | Browser | Critical | Remote Code Execution |
| CVE-2017-11862 | Browser | Critical | Remote Code Execution |
| CVE-2017-11863 | Browser | Important | Security Feature Bypass |
| CVE-2017-11866 | Browser | Critical | Remote Code Execution |
| CVE-2017-11869 | Browser | Critical | Remote Code Execution |
| CVE-2017-11870 | Browser | Critical | Remote Code Execution |
| CVE-2017-11871 | Browser | Critical | Remote Code Execution |
| CVE-2017-11872 | Browser | Important | Security Feature Bypass |
| CVE-2017-11873 | Browser | Critical | Remote Code Execution |
| CVE-2017-11874 | Browser | Important | Security Feature Bypass |
| CVE-2017-11876 | Microsoft Office | Moderate | Elevation of Privilege |
| CVE-2017-11877 | Microsoft Office | Important | Security Feature Bypass |
| CVE-2017-11878 | Microsoft Office | Important | Remote Code Execution |
| CVE-2017-11879 | Development Tools | Important | Elevation of Privilege |
| CVE-2017-11880 | Windows | Important | Information Disclosure |
| CVE-2017-11882 | Microsoft Office | Important | Remote Code Execution |
| CVE-2017-11883 | Development Tools | Important | Denial of Service |
| CVE-2017-13080 | Windows | Important | Spoofing |
| CVE-2017-8700 | Development Tools | Moderate | Information Disclosure |
While Adobe has released patches for 5 Critical Vulnerabilities
| CVE Number | Vulnerability Category | Severity | Vulnerability Impact |
| CVE-2017-3112 | Out-of-bounds Read | Critical | Remote Code Execution |
| CVE-2017-3114 | Out-of-bounds Read | Critical | Remote Code Execution |
| CVE-2017-11213 | Out-of-bounds Read | Critical | Remote Code Execution |
| CVE-2017-11215 | Use after free | Critical | Remote Code Execution |
| CVE-2017-11225 | Use after free | Critical | Remote Code Execution |
For additional information visit:
Adobe: https://helpx.adobe.com/security/products/flash-player/apsb17-33.html
Microsoft: https://portal.msrc.microsoft.com/en-us/security-guidance
