New Microsoft Security Bulletin

Microsoft Security Bulletin 20170717-0949

Microsoft Security Bulletin

07/17/2017

    CVE-2017-8590: Windows CLFS Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control of the affected system. An attacker who successfully exploited this vulnerability could run processes in an elevated context. The update addresses the vulnerability by correcting how CLFS handles objects in memory. Note: The Common Log File System (CLFS) is a high-performance, general-purpose log file subsystem that dedicated client applications can use and multiple clients can share to optimize log access.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8592: Microsoft Browser Security Feature Bypass
    • A security feature bypass vulnerability exists when Microsoft Browsers improperly handle redirect requests. This vulnerability allows Microsoft Browsers to bypass CORS redirect restrictions and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited this vulnerability could force the browser to send data that would otherwise be restricted to a destination web site of their choice. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how affected Microsoft Browsers handle redirect requests.
    • Severity: Security Update
    • Impact: Important
    ADV170009: July Flash Security Update
    • This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB17-21: CVE-2017-3099, CVE-2017-3080, CVE-2017-3100
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-0170: Windows Performance Monitor Information Disclosure Vulnerability
    • An information disclosure vulnerability exists in the Windows Performance Monitor Console when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create specially crafted XML data and convince an authenticated user to create a Data Collector Set and import the file. To create a Data Collector Set, the user must be a member of the Performance Log Users or Local Administrators group.  The update addresses the vulnerability by modifying the way that the Windows Performance Monitor Console parses XML input.
    • Severity: Security Update
    • Impact: Moderate
    CVE-2017-0243, CVE-2017-8570: Microsoft Office Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Office handles files in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8463: Windows Explorer Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists when Windows Explorer improperly handles executable files and shares during rename operations. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another user. Users not running as administrators would be less affected. To exploit this vulnerability, an attacker would first share both a folder and malware named with an executable extension, and then trick the user into thinking that the malware was the folder. The attacker could not force the user to open or browse the share but could use email or instant messages to trick them into doing so. The update addresses the vulnerability by correcting how Windows Explorer handles executable files and shares during rename operations.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8602: Microsoft Browser Spoofing Vulnerability
    • A spoofing vulnerability exists when an affected Microsoft browser does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it. In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically via an enticement in email or instant message, and then convince the user to interact with content on the website. The security update addresses the vulnerability by correcting how Microsoft browsers parse HTTP responses.
    • Severity: Monthly Rollup
    • Impact: Important
    CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8610, CVE-2017-8619, CVE-2017-8595, CVE-2017-8598: Scripting Engine Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way Microsoft Edge handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. In addition, an attacker could embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the browser rendering engine. Finally, the attacker could take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8606, CVE-2017-8607, CVE-2017-8608: Scripting Engine Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through a Microsoft browser and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines handle objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8467, CVE-2017-8577, CVE-2017-8578, CVE-2017-8580: Win32k Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8486: Win32k Information Disclosure Vulnerability
    • An information disclosure vulnerability exists in Microsoft Windows when Win32k fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker could create a special application to run on a target system. The update addresses the vulnerability by correcting how the Win32k handles objects in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8495: Kerberos SNAME Security Feature Bypass Vulnerability
    • A security feature bypass vulnerability exists in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field during ticket exchange. An attacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication. To exploit this vulnerability, an attacker would have to be able to launch a man-in-the-middle (MiTM) attack against the traffic passing between a client and the server. The update addresses this vulnerability by adding integrity protection to the SNAME field.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8609: Scripting Engine Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer or Microsoft Edge and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the scripting rendering engine. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerabilities. The security update addresses the vulnerability by modifying how the Scripting Engine handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8611: Microsoft Edge Spoofing Vulnerability
    • A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it. In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the user to interact with content on the website. The update addresses the vulnerability by correcting how Microsoft Edge parses HTTP responses.
    • Severity: Security Update
    • Impact: Moderate
    CVE-2017-8617: Microsoft Edge Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists in the way Microsoft Edge handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. In addition, an attacker could embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the browser rendering engine. Finally, the attacker could take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8618: Scripting Engine Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the Internet Explorer rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit this vulnerability. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The update addresses the vulnerability by modifying how the VBScript scripting engine handles objects in memory.
    • Severity: Monthly Rollup
    • Impact: Moderate
    CVE-2017-8501, CVE-2017-8502: Microsoft Office Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. Note that the Preview Pane is not an attack vector for this vulnerability. The security update addresses the vulnerability by correcting how Office handles objects in memory. 
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8556, CVE-2017-8573, CVE-2017-8574: Microsoft Graphics Component Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8621: Microsoft Exchange Open Redirect Vulnerability
    • An open redirect vulnerability exists in Microsoft Exchange that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. When an authenticated Exchange user clicks the link, the authenticated user’s browser session could be redirected to a malicious site that is designed to impersonate a legitimate website. By doing so, the attacker could trick the user and potentially acquire sensitive information, such as the user’s credentials. The update addresses the vulnerability by correcting how Exchange handles open redirect requests.
    • Severity: Security Update
    • Impact: Moderate
    CVE-2017-8557: Windows System Information Console Information Disclosure Vulnerability
    • An information disclosure vulnerability exists in the Windows System Information Console when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create a file containing specially crafted XML content and convince an authenticated user to open the file. The update addresses the vulnerability by modifying the way that the Windows System Information Console parses XML input.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8559, CVE-2017-8560: Microsoft Exchange Cross-Site Scripting Vulnerability
    • An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information. To exploit the vulnerability, an attacker could send a specially crafted email message containing a malicious link to a user. Alternatively, an attacker could use a chat client to social engineer a user into clicking the malicious link. The security update addresses the vulnerability by correcting how Microsoft Exchange validates web requests. Note: In order to exploit this vulnerability, a user must click a maliciously crafted link from an attacker.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8561: Windows Kernel Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.
    • Severity: Monthly Rollup
    • Impact: Important
    CVE-2017-8562: Windows ALPC Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC.
    • Severity: Monthly Rollup
    • Impact: Important
    CVE-2017-8563: Windows Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully forward an authentication request to a Windows LDAP server, such as a system running Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), which has been configured to require signing or sealing on incoming connections. The update addresses this vulnerability by incorporating support for Extended Protection for Authentication security feature, which allows the LDAP server to detect and block such forwarded authentication requests once enabled.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8564: Windows Kernel Information Disclosure Vulnerability
    • An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the base address of the kernel driver from a compromised process. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8565: Windows PowerShell Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. In an attack scenario, an attacker could execute malicious code in a PowerShell remote session. The update addresses the vulnerability by correcting how PowerShell deserializes user supplied scripts.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8566: Windows IME Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class.  The DCOM server is a Windows component installed regardless of which languages/IMEs are enabled. An attacker can instantiate the DCOM class and exploit the system even if IME is not enabled.  To exploit this vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how Windows IME handles parameters in a method of a DCOM class.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8569: SharePoint Server XSS Vulnerability
    • An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim’s identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8581: Win32k Elevation of Privilege Vulnerability
    • An elevation of privilege vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8582: Https.sys Information Disclosure Vulnerability
    • An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory.  An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system. A remote unauthenticated attacker could exploit this vulnerability by issuing a request to the HTTP.sys server application. The update addresses the vulnerability by correcting how the HTTP.sys server application handles objects in memory.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8584: HoloLens Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted WiFi packet.  The update addresses the vulnerability by correcting how Hololens handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8585: .NET Denial of Service Vulnerability
    • A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the .NET  application. The update addresses the vulnerability by correcting how the .NET web application handles web requests.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8587: Windows Explorer Denial of Service Vulnerability
    • An Denial Of Service vulnerability exists when Windows Explorer attempts to open a non-existent file.  An attacker who successfully exploited this vulnerability could cause a denial of service. A attacker could exploit this vulnerability by hosting a specially crafted web site and convince a user to browse to the page, containing the reference to the non-existing file, and cause the victim’s system to stop responding. An attacker could not force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker’s site The update addresses the vulnerability by correcting how Windows Explorer handles open attempts for non-existent files.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8588: WordPad Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists in the way that Microsoft WordPad parses specially crafted files.  Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft WordPad. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted file to the user and then convincing the user to open the file. The update addresses the vulnerability by correcting the way that Microsoft WordPad parses specially crafted files, and by enabling API functionality in Windows that Microsoft WordPad will leverage to resolve the identified issue.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8589: Windows Search Remote Code Execution Vulnerability
    • A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, the attacker could send specially crafted messages to the Windows Search service. An attacker with access to a target computer could exploit this vulnerability to elevate privileges and take control of the computer. Additionally, in an enterprise scenario, a remote unauthenticated attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer. The security update addresses the vulnerability by correcting how Windows Search handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8594: Internet Explorer Memory Corruption Vulnerability
    • A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by an enticement in an email or instant message, or by getting them to open an attachment sent through email. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory.
    • Severity: Monthly Rollup
    • Impact: Critical
    CVE-2017-8596: Microsoft Edge Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way Microsoft Edge handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. In addition, an attacker could embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the browser rendering engine. Finally, the attacker could take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.
    • Severity: Security Update
    • Impact: Critical
    CVE-2017-8599: Microsoft Edge Security Feature Bypass Vulnerability
    • A security feature bypass vulnerability exists when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows. An attacker could use this vulnerability to trick a user into loading a page with malicious content. To exploit this vulnerability, an attacker would need to trick a user into loading a page or visiting a website. The page could also be injected into a compromised website or ad network. The update addresses the vulnerability by correcting the Same Origin Policy check for scripts attempting to manipulate HTML elements in other browser windows.
    • Severity: Security Update
    • Impact: Important
    CVE-2017-8601: Scripting Engine Memory Corruption Vulnerability
    • A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the Edge rendering engine. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The update addresses the vulnerability by modifying how the Chakra JavaScript scripting engine handles objects in memory.
    • Severity: Security Update
    • Impact: Critical