Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2017.0089
Microsoft Windows Security Updates
14 June 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Increased Privileges -- Existing Account
Modify Arbitrary Files -- Existing Account
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote with User Interaction
Reduced Security -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-8553 CVE-2017-8544 CVE-2017-8543
CVE-2017-8534 CVE-2017-8533 CVE-2017-8532
CVE-2017-8531 CVE-2017-8528 CVE-2017-8527
CVE-2017-8515 CVE-2017-8494 CVE-2017-8493
CVE-2017-8492 CVE-2017-8491 CVE-2017-8490
CVE-2017-8489 CVE-2017-8488 CVE-2017-8485
CVE-2017-8484 CVE-2017-8483 CVE-2017-8482
CVE-2017-8481 CVE-2017-8480 CVE-2017-8479
CVE-2017-8478 CVE-2017-8477 CVE-2017-8476
CVE-2017-8475 CVE-2017-8474 CVE-2017-8473
CVE-2017-8472 CVE-2017-8471 CVE-2017-8470
CVE-2017-8469 CVE-2017-8468 CVE-2017-8466
CVE-2017-8465 CVE-2017-8464 CVE-2017-8462
CVE-2017-8460 CVE-2017-0300 CVE-2017-0299
CVE-2017-0298 CVE-2017-0297 CVE-2017-0296
CVE-2017-0295 CVE-2017-0294 CVE-2017-0292
CVE-2017-0291 CVE-2017-0289 CVE-2017-0288
CVE-2017-0287 CVE-2017-0286 CVE-2017-0285
CVE-2017-0284 CVE-2017-0283 CVE-2017-0282
CVE-2017-0260 CVE-2017-0219 CVE-2017-0218
CVE-2017-0216 CVE-2017-0215 CVE-2017-0193
CVE-2017-0173
Member content until: Friday, July 14 2017
Reference: ASB-2017.0088
ASB-2017.0087
ASB-2017.0086
Comment: CVE-2017-8543 | Windows Search Remote Code Execution Vulnerability is
being exploited in the wild.
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2017-8464 | LNK Remote Code Execution Vulnerability is being
exploited in the wild.
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
OVERVIEW
Microsoft has released its monthly security patch update for the
month of June 2017 for Microsoft Windows. [1]
This update resolves 64 vulnerabilities across the following
products:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these
vulnerabilities:
Details Impact Severity
CVE-2017-0173 Security Feature Bypass Important
CVE-2017-0193 Elevation of Privilege Important
CVE-2017-0215 Security Feature Bypass Important
CVE-2017-0216 Security Feature Bypass Important
CVE-2017-0218 Security Feature Bypass Important
CVE-2017-0219 Security Feature Bypass Important
CVE-2017-0260 Remote Code Execution Important
CVE-2017-0282 Information Disclosure Important
CVE-2017-0283 Remote Code Execution Critical
CVE-2017-0284 Information Disclosure Important
CVE-2017-0285 Information Disclosure Important
CVE-2017-0286 Information Disclosure Important
CVE-2017-0287 Information Disclosure Important
CVE-2017-0288 Information Disclosure Important
CVE-2017-0289 Information Disclosure Important
CVE-2017-0291 Remote Code Execution Critical
CVE-2017-0292 Remote Code Execution Critical
CVE-2017-0294 Remote Code Execution Critical
CVE-2017-0295 Tampering Important
CVE-2017-0296 Elevation of Privilege Important
CVE-2017-0297 Elevation of Privilege Important
CVE-2017-0298 Information Disclosure Important
CVE-2017-0299 Information Disclosure Important
CVE-2017-0300 Information Disclosure Important
CVE-2017-8460 Information Disclosure Important
CVE-2017-8462 Information Disclosure Important
CVE-2017-8464 Remote Code Execution Critical
CVE-2017-8465 Elevation of Privilege Important
CVE-2017-8466 Elevation of Privilege Important
CVE-2017-8468 Elevation of Privilege Important
CVE-2017-8469 Information Disclosure Important
CVE-2017-8470 Information Disclosure Important
CVE-2017-8471 Information Disclosure Important
CVE-2017-8472 Information Disclosure Important
CVE-2017-8473 Information Disclosure Important
CVE-2017-8474 Information Disclosure Important
CVE-2017-8475 Information Disclosure Important
CVE-2017-8476 Information Disclosure Important
CVE-2017-8477 Information Disclosure Important
CVE-2017-8478 Information Disclosure Important
CVE-2017-8479 Information Disclosure Important
CVE-2017-8480 Information Disclosure Important
CVE-2017-8481 Information Disclosure Important
CVE-2017-8482 Information Disclosure Important
CVE-2017-8483 Information Disclosure Important
CVE-2017-8484 Information Disclosure Important
CVE-2017-8485 Information Disclosure Important
CVE-2017-8488 Information Disclosure Important
CVE-2017-8489 Information Disclosure Important
CVE-2017-8490 Information Disclosure Important
CVE-2017-8491 Information Disclosure Important
CVE-2017-8492 Information Disclosure Important
CVE-2017-8493 Security Feature Bypass Important
CVE-2017-8494 Elevation of Privilege Important
CVE-2017-8515 Denial of Service Important
CVE-2017-8527 Remote Code Execution Critical
CVE-2017-8528 Remote Code Execution Critical
CVE-2017-8531 Information Disclosure Important
CVE-2017-8532 Information Disclosure Important
CVE-2017-8533 Information Disclosure Important
CVE-2017-8534 Information Disclosure Important
CVE-2017-8543 Remote Code Execution Critical
CVE-2017-8544 Information Disclosure Important
CVE-2017-8553 Information Disclosure Important
MITIGATION
Microsoft recommends updating the software with the version
made available on the Microsoft Update Cataloge for the following
Knowledge Base articles. [1]
KB3217845
KB4018106
KB4021903
KB4021923
KB4022008
KB4022010
KB4022013
KB4022714
KB4022715
KB4022717
KB4022718
KB4022719
KB4022722
KB4022724
KB4022725
KB4022726
KB4022727
KB4022883
KB4022884
KB4022887
KB4024402
REFERENCES
[1] Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWUCsPIx+lLeg9Ub1AQgTURAAnhyq30RDg0+kgXyKPVRaiqy1hhTr4mpv
KnQjX2k8ptUEy53n7a8N3bBLIVcpgCn73petUV/hgB6D/Iskt5OsAE3CutYcxkak
isg1Yj3DQbjCwQkYsRkkznjyB883cOzBnBT7QjgUJWlVAZgVbxVUYA2xfBx+By3W
Pj7/gOq6qRezOrx7rwIdfmsEOOtL06ye09OGsPAtUCSd5FmtH2V+bg2P0FucLMfS
ETjW7kCHqDvw3H+JlaPdx4ofJed2IaA1iwcOHiaKrJULP2T+BSNGROdaOxVLojV5
0AStWR/B8BhBY6tzncGVDN0A3jmyMicQ4iw+Hdhjj4DQcLFcRn6s93PBjRl+aTxw
itA74cR6uiDw2TYdNysKHvhpoLEoD3o9e5Qp6qvXuGDHbktoI7STWwJDGEAGDT+C
hA/z4iCJUUp33M4WEI7NJCBnPSBnq9s4d2FbGJsXCM7nS0zIy05y8kbRAcxW5OGz
Q66RUjbQcnep3vQEiYZSZs+bTO+IcFarCXxknMfjcAuuE0mVl/S2rWu5xaWp23tG
tkw5twLimnf33n+S+nB4R6q+GQLi9XGMmbDhciSldMo5iq9rpXxKyITNGnSOma9I
pncbi+rJpuTEmsxoEV1Aupw2WjLnMdcO4O+DFblbN8bI9iv6z8F7TpXgjVV6waZ6
88g4iHKmgxM=
=CfX8
-----END PGP SIGNATURE-----