Posts

Microsoft Security Bulletin Coverage for July 2017

/in /by

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of July, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0170 Windows Performance Monitor Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0243 Microsoft Office Remote Code Execution Vulnerability
    spy:1522 Malformed-File doc.MP.45

  • CVE-2017-8463 Windows Explorer Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8467 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8486 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8495 Kerberos SNAME Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8501 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8502 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8556 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8557 Windows System Information Console Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8559 Microsoft Exchange Cross-Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8560 Microsoft Exchange Cross-Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8561 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8562 Windows ALPC Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8563 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8564 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8565 Windows PowerShell Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8566 Windows IME Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8569 SharePoint Server XSS Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8570 Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8571 Office Outlook Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8572 Office Outlook Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8573 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8574 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8577 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8578 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8580 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8581 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8582 Asp.Net Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8584 Hololens Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8585 .NET Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8587 Windows Explorer Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8588 WordPad Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8589 Windows Search Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8590 Windows CLFS Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8592 Microsoft Browser Security Feature Bypass
    ips:12885 Microsoft Browser Security Feature Bypass (JUL 17)

  • CVE-2017-8594 Internet Explorer Memory Corruption Vulnerability
    ips:12886 Internet Explorer Memory Corruption Vulnerability (JUL 17)

  • CVE-2017-8595 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8596 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8598 Scripting Engine Memory Corruption Vulnerability
    ips:12887 Scripting Engine Memory Corruption Vulnerability (JUL 17) 1

  • CVE-2017-8599 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8601 Scripting Engine Memory Corruption Vulnerability
    ips:12888 Scripting Engine Memory Corruption Vulnerability (JUL 17) 2

  • CVE-2017-8602 Microsoft Browser Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8603 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8604 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8605 Scripting Engine Memory Corruption Vulnerability
    ips:12889 Scripting Engine Memory Corruption Vulnerability (JUL 17) 3

  • CVE-2017-8606 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8607 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8608 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8609 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8610 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8611 Microsoft Edge Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8617 Microsoft Edge Remote Code Execution Vulnerability
    ips:12890 Microsoft Edge Remote Code Execut
    ion Vulnerability (JUL 17) 1

  • CVE-2017-8618 Internet Explorer Remote Code Execution Vulnerability
    ips:12892 Internet Explorer Remote Code Execution Vulnerability (JUL 17) 1

  • CVE-2017-8619 Microsoft Edge Remote Code Execution Vulnerability
    ips:12891 Microsoft Edge Remote Code Execution Vulnerability (JUL 17) 2

  • CVE-2017-8621 Microsoft Exchange Open Redirect Vulnerability
    There are no known exploits in the wild.

Adobe Coverage

APSB17-21 Security updates for Adobe Flash Player:

  • CVE-2017-3080 
    spy:1526 Malformed-File dll.MP.1

  • CVE-2017-3099 
    spy:1527 Malformed-File swf.MP.570

  • CVE-2017-3100 
    spy:1528 Malformed-File swf.MP.571

Microsoft Security Bulletin Coverage for July 2017

/in /by

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of July, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0170 Windows Performance Monitor Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-0243 Microsoft Office Remote Code Execution Vulnerability
    spy:1522 Malformed-File doc.MP.45

  • CVE-2017-8463 Windows Explorer Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8467 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8486 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8495 Kerberos SNAME Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8501 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8502 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8556 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8557 Windows System Information Console Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8559 Microsoft Exchange Cross-Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8560 Microsoft Exchange Cross-Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8561 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8562 Windows ALPC Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8563 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8564 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8565 Windows PowerShell Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8566 Windows IME Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8569 SharePoint Server XSS Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8570 Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8571 Office Outlook Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8572 Office Outlook Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8573 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8574 Microsoft Graphics Component Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8577 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8578 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8580 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8581 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8582 Asp.Net Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8584 Hololens Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8585 .NET Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8587 Windows Explorer Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8588 WordPad Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8589 Windows Search Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8590 Windows CLFS Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8592 Microsoft Browser Security Feature Bypass
    ips:12885 Microsoft Browser Security Feature Bypass (JUL 17)

  • CVE-2017-8594 Internet Explorer Memory Corruption Vulnerability
    ips:12886 Internet Explorer Memory Corruption Vulnerability (JUL 17)

  • CVE-2017-8595 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8596 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8598 Scripting Engine Memory Corruption Vulnerability
    ips:12887 Scripting Engine Memory Corruption Vulnerability (JUL 17) 1

  • CVE-2017-8599 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8601 Scripting Engine Memory Corruption Vulnerability
    ips:12888 Scripting Engine Memory Corruption Vulnerability (JUL 17) 2

  • CVE-2017-8602 Microsoft Browser Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8603 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8604 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8605 Scripting Engine Memory Corruption Vulnerability
    ips:12889 Scripting Engine Memory Corruption Vulnerability (JUL 17) 3

  • CVE-2017-8606 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8607 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8608 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8609 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8610 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8611 Microsoft Edge Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8617 Microsoft Edge Remote Code Execution Vulnerability
    ips:12890 Microsoft Edge Remote Code Execut
    ion Vulnerability (JUL 17) 1

  • CVE-2017-8618 Internet Explorer Remote Code Execution Vulnerability
    ips:12892 Internet Explorer Remote Code Execution Vulnerability (JUL 17) 1

  • CVE-2017-8619 Microsoft Edge Remote Code Execution Vulnerability
    ips:12891 Microsoft Edge Remote Code Execution Vulnerability (JUL 17) 2

  • CVE-2017-8621 Microsoft Exchange Open Redirect Vulnerability
    There are no known exploits in the wild.

Adobe Coverage

APSB17-21 Security updates for Adobe Flash Player:

  • CVE-2017-3080 
    spy:1526 Malformed-File dll.MP.1

  • CVE-2017-3099 
    spy:1527 Malformed-File swf.MP.570

  • CVE-2017-3100 
    spy:1528 Malformed-File swf.MP.571