December Microsoft Patch Tuesday Summary
Microsoft today patched 36 different vulnerabilities (+ Flash). Luckily, none of the vulnerabilities have been exploited in the wild or have been disclosed prior to today. The list includes the malware protection engine update that was released on Friday. Probably the most interesting vulnerability is the remote code execution in Windows RRAS (CVE-2017-11885). According to Microsoft, this vulnerability can be exploited via RPC on servers that have routing enabled. (RRAS is the Routing and Remote Access Service). I am a bit confused why Microsoft rates this one only as "important". Maybe because RRAS is not enabled by default.
CVE | Description | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity |
---|---|---|---|---|---|---|
CVE-2017-11885 | Windows RRAS Service Remote Code Execution Vulnerability | No | No | Less Likely | Less Likely | Important |
CVE-2017-11889 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11890 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11893 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11895 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11899 | Microsoft Windows Security Feature Bypass Vulnerability | No | No | Less Likely | Less Likely | Important |
CVE-2017-11901 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11903 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11906 | Scripting Engine Information Disclosure Vulnerability | No | No | More Likely | More Likely | Important |
CVE-2017-11908 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11909 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11910 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11911 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11912 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11913 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Important |
CVE-2017-11914 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11918 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11927 | Microsoft Windows Information Disclosure Vulnerability | No | No | Less Likely | Less Likely | Important |
CVE-2017-11930 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11932 | Microsoft Exchange Spoofing Vulnerability | No | No | Less Likely | Less Likely | Important |
CVE-2017-11937 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability | No | No | Less Likely | Less Likely | Critical |
ADV170021 | Microsoft Office Defense in Depth Update | No | No | More Likely | More Likely | None |
ADV170023 | Microsoft Exchange Defense in Depth Update | No | No | - | - | None |
CVE-2017-11886 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11887 | Scripting Engine Information Disclosure Vulnerability | No | No | More Likely | More Likely | Important |
CVE-2017-11888 | Microsoft Edge Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11894 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11907 | Scripting Engine Memory Corruption Vulnerability | No | No | More Likely | More Likely | Critical |
CVE-2017-11905 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Critical |
CVE-2017-11916 | Scripting Engine Memory Corruption Vulnerability | No | No | - | - | Important |
CVE-2017-11919 | Scripting Engine Information Disclosure Vulnerability | No | No | More Likely | More Likely | Important |
CVE-2017-11934 | Microsoft PowerPoint Information Disclosure Vulnerability | No | No | Less Likely | Less Likely | Important |
CVE-2017-11935 | Microsoft Excel Remote Code Execution Vulnerability | No | No | - | - | Important |
CVE-2017-11936 | Microsoft SharePoint Elevation of Privilege Vulnerability | No | No | - | - | Important |
ADV170022 | December 2017 Flash Security Update | No | No | - | - | Critical |
CVE-2017-11939 | Microsoft Office Information Disclosure Vulnerability | No | No | - | - | Important |
CVE-2017-11940 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability | No | No | Less Likely | Less Likely | Critical |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute