Posts

Microsoft Security Bulletin Coverage for July 2017

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of June, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0173 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0193 Hypervisor Code Integrity Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0215 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0216 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0218 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0219 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0260 Microsoft Office Remote Code Execution
    There are no known exploits in the wild.
  • CVE-2017-0282 Windows Uniscribe Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0283 Windows Uniscribe Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0284 Windows Uniscribe Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0285 Windows Uniscribe Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0286 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0287 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0288 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0289 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0291 Windows PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0292 Windows PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0294 Windows Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0295 Windows Default Folder Tampering Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0296 Windows TDX Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0297 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0298 Windows COM Session Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0299 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0300 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8460 Windows PDF Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8461 Windows SMB Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8462 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8464 LNK Remote Code Execution Vulnerability
    SPY:1493 Malformed-File lnk.MP.2
  • CVE-2017-8465 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8466 Windows Cursor Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8468 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8469 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8470 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8471 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8472 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8473 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8474 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8475 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8476 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8477 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8478 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8479 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8480 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8481 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8482 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8483 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8484 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8485 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8487 Windows olecnv32.dll Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8488 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8489 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8490 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8491 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8492 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8493 Windows Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8494 Windows Elevation of Privilege V
    ulnerability
    There are no known exploits in the wild.
  • CVE-2017-8496 Microsoft Edge Memory Corruption Vulnerability
    IPS:12846 Microsoft Edge Memory Corruption Vulnerability (JUN 17) 1
  • CVE-2017-8497 Microsoft Edge Memory Corruption Vulnerability
    IPS:12845 Microsoft Browser Memory Corruption Vulnerability (JUN 17) 1
  • CVE-2017-8498 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8499 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8504 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8506 Microsoft Office Remote Code Execution
    There are no known exploits in the wild.
  • CVE-2017-8507 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8508 Microsoft Office Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8509 Microsoft Office Remote Code Execution Vulnerability
    SPY:1489 Malformed-File doc.MP.44
  • CVE-2017-8510 Microsoft Office Remote Code Execution Vulnerability
    SPY:1492 Malformed-File rtf.MP.19
  • CVE-2017-8511 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8512 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8513 Microsoft PowerPoint Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8514 Microsoft SharePoint Reflective XSS Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8515 Windows VAD Cloning Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8517 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8519 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8520 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8521 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8522 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8523 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8524 Scripting Engine Memory Corruption Vulnerability
    IPS:12843 Scripting Engine Memory Corruption Vulnerability (JUN 17) 1
  • CVE-2017-8527 Windows Graphics Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8528 Windows Uniscribe Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8529 Microsoft Browser Information Disclosure Vulnerability
    IPS:12844 Microsoft Browser Information Disclosure Vulnerability (JUN 17) 1
  • CVE-2017-8530 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8531 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8532 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8533 Windows Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8534 Windows Uniscribe Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8543 Windows Search Remote Code Execution Vulnerability
    IPS:12847 Windows Search Remote Code Execution Vulnerability (JUN 17) 1
  • IPS:12848 Windows Search Remote Code Execution Vulnerability (JUN 17) 2

  • CVE-2017-8544 Windows Search Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8545 Microsoft Outlook for Mac Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8547 Internet Explorer Memory Corruption Vulnerability
    SPY:6315 HTTP Client Shellcode Exploit 86
  • CVE-2017-8548 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8549 Scripting Engine Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8550 Skype for Business Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8551 SharePoint XSS vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8553 GDI Information Disclosure Vulnerablity
    There are no known exploits in the wild.
  • CVE-2017-8554 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8555 Microsoft Edge Security Feature Bypass
    There are no known exploits in the wild.

Adobe Coverage

APSB17-17 Security updates for Adobe Flash Player:

  • CVE-2017-3075 Adobe Flash Player Use After Free Vulnerability
    Spy:1494 Malformed-File swf.MP.562
  • CVE-2017-3081 Adobe Flash Player Use After Free Vulnerability
    Spy:1499 Malformed-File swf.MP.565
    Spy:1500 Malformed-File swf.MP.566
  • CVE-2017-3083 Adobe Flash Player Use After Free Vulnerability
    Spy:1502 Malformed-File swf.MP.568
  • CVE-2017-3084 Adobe Flash Player Use After Free Vulnerability
    Spy:1503 Malformed-File swf.MP.569
  • CVE-2017-3076 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1495 Malformed-File swf.MP.563
  • CVE-2017-3077 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1496 Malformed-File png.MP.3
  • CVE-2017-3078 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1497 Malformed-File atf.MP.1
  • CVE-2017-3079 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1498 Malformed-File swf.MP.564
  • CVE-2017-3082 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1501 Malformed-File swf.MP.567