Posts

Microsoft Security Bulletin Coverage for September 2017

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of September, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0161 NetBIOS Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-11761 Microsoft Exchange Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-11764 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-11766 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8567 Microsoft Office Remote Code Execution
    There are no known exploits in the wild.
  • CVE-2017-8597 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8628 Microsoft Bluetooth Driver Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8629 Microsoft SharePoint XSS Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8630 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8631 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8632 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8643 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8648 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8649 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8660 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8675 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8676 Windows GDI+ Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8677 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8678 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8679 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8680 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8681 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8682 Win32k Graphics Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8683 Win32k Graphics Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8684 Windows GDI+ Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8685 Windows GDI+ Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8686 Windows DHCP Server Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8687 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8688 Windows GDI+ Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8692 Uniscribe Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8695 Graphics Component Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8696 Microsoft Graphics Component Remote Code Execution
    There are no known exploits in the wild.
  • CVE-2017-8699 Windows Shell Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8702 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8704 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8706 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8707 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8708 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8709 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8710 Windows Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8711 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8712 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8713 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8714 Remote Desktop Virtual Host Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8716 Windows Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8719 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8720 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8723 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8724 Microsoft Edge Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8725 Microsoft Office Publisher Remote Code Execution
    There are no known exploits in the wild.
  • CVE-2017-8728 Microsoft PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8729 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8731 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8733 Internet Explorer Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8734 Microsoft Edge Memory Corruption Vulnerability
    ips:12977
     Microsoft Edge Memory Corruption Vulnerability (SEP 17) 1

  • CVE-2017-8735 Microsoft Edge Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8736 Microsoft Browser Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8737 Microsoft PDF Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8738 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8739 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8740 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8741 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8742 PowerPoint Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8743 PowerPoint Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8744 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8745 Microsoft SharePoint Cross Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8746 Device Guard Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8747 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8748 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8749 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8750 Microsoft Browser Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8751 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8752 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8753 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8754 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8755 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8756 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8757 Microsoft Edge Remote Code Execution Vulnerability
    ips:12978 Microsoft Edge Remote Code Execution Vulnerability (SEP 17) 1

  • CVE-2017-8758 Microsoft Exchange Cross-Site Scripting Vulnerability
    There are no known exploits in the wild.
  • CVE-2017-8759 .NET Framework Remote Code Execution Vulnerability
    ips:12980 .NET Framework Remote Code Execution Vulnerability (Sep 17)

  • CVE-2017-9417 Broadcom BCM43xx Remote Code Execution Vulnerability
    There are no known exploits in the wild.

Adobe Coverage

  • CVE-2017-11281 Adobe Flash Player Memory Corruption Vulnerability 
    spy:1572 Malformed-File mp4.MP.2

  • CVE-2017-11281 Adobe Flash Player Memory Corruption Vulnerability 
    spy:1573 Malformed-File mp4.MP.3

  • CVE-2017-11282 Adobe Flash Player Memory Corruption Vulnerability 
    spy:1574 Malformed-File swf.MP.573