Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2017.0142
Microsoft Windows Security Updates
13 September 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Administrator Compromise -- Existing Account
Denial of Service -- Remote/Unauthenticated
Provide Misleading Information -- Remote/Unauthenticated
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-9417 CVE-2017-8746 CVE-2017-8737
CVE-2017-8728 CVE-2017-8720 CVE-2017-8719
CVE-2017-8716 CVE-2017-8714 CVE-2017-8713
CVE-2017-8712 CVE-2017-8711 CVE-2017-8710
CVE-2017-8709 CVE-2017-8708 CVE-2017-8707
CVE-2017-8706 CVE-2017-8704 CVE-2017-8702
CVE-2017-8699 CVE-2017-8696 CVE-2017-8695
CVE-2017-8692 CVE-2017-8688 CVE-2017-8687
CVE-2017-8686 CVE-2017-8685 CVE-2017-8684
CVE-2017-8683 CVE-2017-8682 CVE-2017-8681
CVE-2017-8680 CVE-2017-8679 CVE-2017-8678
CVE-2017-8677 CVE-2017-8676 CVE-2017-8675
CVE-2017-8628 CVE-2017-0161
Member content until: Friday, October 13 2017
Reference: ESB-2017.1783
ESB-2017.1777
ESB-2017.1776
ESB-2017.1774
ESB-2017.1686
ESB-2017.1685
Comment: CVE-2017-8628 can be exploited using readily available tools.
OVERVIEW
Microsoft has released its monthly security patch update for the
month of September 2017. [1]
This update resolves 38 vulnerabilities across the following
products:
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server
Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server
Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2017-0161 Remote Code Execution Critical
CVE-2017-8628 Spoofing Important
CVE-2017-8675 Elevation of Privilege Important
CVE-2017-8676 Information Disclosure Important
CVE-2017-8677 Information Disclosure Important
CVE-2017-8678 Information Disclosure Important
CVE-2017-8679 Information Disclosure Important
CVE-2017-8680 Information Disclosure Important
CVE-2017-8681 Information Disclosure Important
CVE-2017-8682 Remote Code Execution Critical
CVE-2017-8683 Information Disclosure Important
CVE-2017-8684 Information Disclosure Important
CVE-2017-8685 Information Disclosure Important
CVE-2017-8686 Remote Code Execution Critical
CVE-2017-8687 Information Disclosure Important
CVE-2017-8688 Information Disclosure Important
CVE-2017-8692 Remote Code Execution Important
CVE-2017-8695 Information Disclosure Important
CVE-2017-8696 Remote Code Execution Critical
CVE-2017-8699 Remote Code Execution Important
CVE-2017-8702 Elevation of Privilege Important
CVE-2017-8704 Denial of Service Important
CVE-2017-8706 Information Disclosure Important
CVE-2017-8707 Information Disclosure Important
CVE-2017-8708 Information Disclosure Important
CVE-2017-8709 Information Disclosure Important
CVE-2017-8710 Information Disclosure Important
CVE-2017-8711 Information Disclosure Important
CVE-2017-8712 Information Disclosure Important
CVE-2017-8713 Information Disclosure Important
CVE-2017-8714 Remote Code Execution Important
CVE-2017-8716 Security Feature Bypass Important
CVE-2017-8719 Information Disclosure Important
CVE-2017-8720 Elevation of Privilege Important
CVE-2017-8728 Remote Code Execution Critical
CVE-2017-8737 Remote Code Execution Critical
CVE-2017-8746 Security Feature Bypass Important
CVE-2017-9417 Remote Code Execution Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Cataloge for the following
Knowledge Base articles. [1]
KB4039038, KB4038793, KB4039325, KB4038781, KB4032201 KB4039266,
KB4034786, KB4038874, KB4039384, KB4038799 KB4038788, KB4038786,
KB4038779, KB4038783, KB4038782 KB4038792, KB4038777
REFERENCES
[1] Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWbh3aIx+lLeg9Ub1AQiiRQ/+J7PKK+94hhasCohg9/pz/dUef6oqADW2
TphRW94qjKBv2dNWhCH5j3hx9yni+R9I2KEkXaqTuDIUY6Q/lNC4fjdxvw+D6AuT
lLuZp3dmHSsjY+9vVjTzoGdyiQcQpvw5jk/co8d7QOLOWAs06Gbj0uttPuH0qkip
u0Ru04qh3p52HbFu67hkR1rKMEDpTTGsLX8BSZGoyAxTK7ZmBgOJlm64VhCXRX7O
ufknw0kTHWDz1Qa1JRnUCCoLF6SZH0PyjlRCX8aunRHxkXdfmYAESLJ4C37OoBoQ
rm/wWsWyw+rGxFHZsckzAhDiYecEA2on5tbyKqNC/P/yDzqoAIoEyN1/9bG2WbJs
NTSG6cFZPOutsLbX1b8BpiDxC3tsYdcoD84JA5NoQ9rFAffSqTdtgxO+qstp4UbZ
Pq+Xcalrdvkpx8qpVUWmKmuxsHjxS1YB1nztvMM1+86ujKxJdYMBJkFWz8+MPzkl
xpEsruCNYrX9K7RKAnWMqqFDDJ6znGKgBbGabNdRZqEOrs2EWaRdY+qQxlJ2HFrs
LmbUyksur03AAGjx4EOHtdrkkNvJ8jV6bswl7zJPZsyWDMrlrfzAXo2Xkzw7TnsL
qp4eV+nLtatvh5AGKz21MuRAgoZCSyS6CNCSqaWGqwoaWMiFgTcoMZiEFfPU0hiq
dLle5yqt6wg=
=vvvA
-----END PGP SIGNATURE-----