Posts

Microsoft Security Bulletin Coverage for May 2017

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of May, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0064 Internet Explorer Security Feature Bypass Vulnerability
    IPS:12779 Internet Explorer Security Feature Bypass Vulnerability (May 17)
  • CCVE-2017-0077 Win32k Information Disclosure Vulnerability
    SPY:1462 Malformed-File exe.MP.32
  • CVE-2017-0171 Windows DNS Server Denial of Service Vulnerability
    IPS:12777 Windows DNS Server Denial of Service Vulnerability (May 17)
  • CVE-2017-0175 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0190 Windows GDI Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0212 Windows Hyper-V vSMB Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0213 Windows COM Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0214 Windows COM Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0220 Windows COM Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0221 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0222 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0224 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0226 Microsoft Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0227 Microsoft Edge Memory Corruption Vulnerability
    IPS:12778 Microsoft Edge Memory Corruption Vulnerability (MAY 17) 1
  • CVE-2017-0228 Scripting Engine Memory Corruption Vulnerability
    IPS:12780 Scripting Engine Memory Corruption Vulnerability (MAY 17) 1
  • CVE-2017-0229 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0230 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0231 Microsoft Browser Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0233 Microsoft Edge Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0234 Scripting Engine Memory Corruption Vulnerability
    IPS:12782 Scripting Engine Memory Corruption Vulnerability (MAY 17) 2
  • CVE-2017-0235 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0236 Scripting Engine Memory Corruption Vulnerability
    IPS:12783 Scripting Engine Memory Corruption Vulnerability (MAY 17) 3
  • CVE-2017-0238 Scripting Engine Memory Corruption Vulnerability
    IPS:12784 Scripting Engine Memory Corruption Vulnerability (MAY 17) 4
  • CVE-2017-0240 Microsoft Edge Memory Corruption Vulnerability
    IPS:12785 Microsoft Edge Memory Corruption Vulnerability (MAY 17) 2
  • CVE-2017-0241 Microsoft Edge Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0242 Microsoft ActiveX Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0243 Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0244 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0245 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0246 Win32k Elevation of Privilege Vulnerability
    SPY:1466 Malformed-File exe.MP.33
  • CVE-2017-0248 .Net Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0254 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0255 Microsoft SharePoint XSS Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0258 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0259 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0261 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0262 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0263 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0264 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0265 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0266 Microsoft Edge Remote Code Execution Vulnerability
    IPS:12781 Microsoft Edge Remote Code Execution Vulnerability (May 17) 1
  • CVE-2017-0267 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0268 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0269 Windows SMB Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0270 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0271 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0272 Windows SMB Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0273 Windows SMB Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0274 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0275 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0276 Windows SMB Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0277 Windows SMB Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0278 Windows SMB Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0279 Windows SMB Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0280 Windows SMB Deni
    al of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0281 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.

Adobe Coverage

APSB17-15 Security updates for Adobe Flash Player:

  • CVE-2017-3071 Adobe Flash Player Use After Free Vulnerability
    Spy:1471 Malformed-File swf.MP.558
  • CVE-2017-3068 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1475 Malformed-File flv.MP.1
  • CVE-2017-3069 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1469 Malformed-File swf.MP.556
  • CVE-2017-3070 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1470 Malformed-File swf.MP.557
  • CVE-2017-3072 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1472 Malformed-File swf.MP.559
  • CVE-2017-3073 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1473 Malformed-File swf.MP.560
  • CVE-2017-3074 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1474 Malformed-File swf.MP.561