October 2017 Security Updates

Published: 2017-10-10. Last Updated: 2017-10-10 21:42:48 UTC
by Richard Porter (Version: 1)

Description				MSFT Severity
CVE	Disclosed/Exploited	Exploitability (old/current)	Client Severity	Server Severity
Microsoft Office Remote Code Execution Vulnerability				Important
CVE-2017-11825	No/No	?/?	Critical	Important
Internet Explorer Memory Corruption Vulnerability				Critical
CVE-2017-11822	No/No	More Likely/More Likely	Critical	Critical
CVE-2017-11813	No/No	?/?
Windows Subsystem for Linux Denial of Service Vulnerability				Important
CVE-2017-8703	Yes/No	?/?	Important	Important
Microsoft Edge Memory Corruption Vulnerability				Important
CVE-2017-8726	No/No	?/?	Important	Important
Microsoft Office Memory Corruption Vulnerability				Important
CVE-2017-11826	Yes/Yes	More Likely/Detected	Patch Now	Important
Scripting Engine Memory Corruption Vulnerability				Critical
CVE-2017-11821	No/No	?/?	Critical	Critical
CVE-2017-11792	No/No	?/?
CVE-2017-11793	No/No	More Likely/More Likely
CVE-2017-11796	No/No	?/?
CVE-2017-11798	No/No	?/?
CVE-2017-11799	No/No	?/?
CVE-2017-11800	No/No	?/?
CVE-2017-11801	No/No	?/?
CVE-2017-11802	No/No	?/?
CVE-2017-11804	No/No	?/?
CVE-2017-11805	No/No	?/?
CVE-2017-11806	No/No	?/?
CVE-2017-11807	No/No	?/?
CVE-2017-11808	No/No	?/?
CVE-2017-11809	No/No	?/?
CVE-2017-11810	No/No	More Likely/More Likely
CVE-2017-11811	No/No	?/?
CVE-2017-11812	No/No	?/?
Microsoft Windows Security Feature Bypass				Important
CVE-2017-11823	No/No	More Likely/More Likely	Important	Important
Windows SMB Information Disclosure Vulnerability				Important
CVE-2017-11815	No/No	?/?	Important	Important
Windows Shell Memory Corruption Vulnerability				Critical
CVE-2017-8727	No/No	More Likely/More Likely	Critical	Critical
Windows Server 2008 Defense in Depth
ADV170016	No/No	Less Likely/Less Likely
Windows Information Disclosure Vulnerability				Important
CVE-2017-11817	No/No	Less Likely/Less Likely	Important	Important
Internet Explorer Information Disclosure Vulnerability				Important
CVE-2017-11790	No/No	Less Likely/Less Likely	Important	Important
Microsoft Office SharePoint XSS Vulnerability				Important
CVE-2017-11775	No/No	Less Likely/Less Likely	N/A	Important
CVE-2017-11777	Yes/No	Less Likely/Less Likely
CVE-2017-11820	No/No	Less Likely/Less Likely
Windows Search Remote Code Execution Vulnerability				Critical
CVE-2017-11771	No/No	More Likely/More Likely	Critical	Critical
Windows Shell Remote Code Execution Vulnerability				Critical
CVE-2017-11819	No/No	?/?	Critical	Critical
Microsoft Outlook Security Feature Bypass Vulnerability				Important
CVE-2017-11774	No/No	Less Likely/Less Likely	Important	Important
Scripting Engine Information Disclosure Vulnerability				Critical
CVE-2017-11797	No/No	?/?	Critical	Critical
Windows SMB Elevation of Privilege Vulnerability				Important
CVE-2017-11782	No/No	More Likely/More Likely	Important	Important
Windows Security Feature Bypass Vulnerability				Important
CVE-2017-8715	No/No	More Likely/More Likely	Important	Important
Microsoft Graphics Information Disclosure Vulnerability				Important
CVE-2017-8693	No/No	More Likely/More Likely	Important	Important
Windows Elevation of Privilege Vulnerability				Important
CVE-2017-11783	No/No	More Likely/More Likely	Important	Important
Microsoft Search Information Disclosure Vulnerability				Important
CVE-2017-11772	No/No	More Likely/More Likely	Important	Important
Microsoft Graphics Remote Code Execution Vulnerability				Critical
CVE-2017-11762	No/No	More Likely/More Likely	Critical	Critical
CVE-2017-11763	No/No	More Likely/More Likely
Microsoft Outlook Information Disclosure Vulnerability				Important
CVE-2017-11776	No/No	Unlikely/Unlikely	Important	Important
Skype for Business Elevation of Privilege Vulnerability				Important
CVE-2017-11786	No/No	Unlikely/Unlikely	Important	Important
Optional Windows NTLM SSO authentication changes
ADV170014	No/No	Less Likely/Less Likely
Microsoft Edge Information Disclosure Vulnerability
CVE-2017-11794	No/No	?/?
Vulnerability in TPM could allow Security Feature Bypass				Critical
ADV170012	No/No	Less Likely/Less Likely	Critical	Critical
Windows DNSAPI Remote Code Execution Vulnerability				Critical
CVE-2017-11779	No/No	Less Likely/Less Likely	Critical	Critical
Win32k Elevation of Privilege Vulnerability				Important
CVE-2017-8689	No/No	More Likely/More Likely	Important	Important
CVE-2017-8694	No/No	More Likely/More Likely
Windows Graphics Component Elevation of Privilege Vulnerability				Important
CVE-2017-11824	No/No	?/?	Important	Important
Windows Kernel Information Disclosure Vulnerability				Important
CVE-2017-11765	No/No	More Likely/More Likely	Important	Important
CVE-2017-11784	No/No	Less Likely/Less Likely
CVE-2017-11785	No/No	Less Likely/Less Likely
CVE-2017-11814	No/No	More Likely/More Likely
Windows Update Delivery Optimization Elevation of Privilege Vulnerability				Important
CVE-2017-11829	No/No	Less Likely/Less Likely	Important	Important
Windows SMB Remote Code Execution Vulnerability				Important
CVE-2017-11780	No/No	More Likely/More Likely	Important	Important
Office Defense in Depth Update				None
ADV170017	No/No	Less Likely/Less Likely	None	None
Windows GDI Information Disclosure Vulnerability				Important
CVE-2017-11816	No/No	More Likely/More Likely	Important	Important
TRIE Remote Code Execution Vulnerability				Important
CVE-2017-11769	No/No	Less Likely/Less Likely	Important	Important
Microsoft JET Database Engine Remote Code Execution Vulnerability				Important
CVE-2017-8717	No/No	Less Likely/Less Likely	Important	Important
CVE-2017-8718	No/No	Less Likely/Less Likely
Windows Storage Security Feature Bypass Vulnerability				Important
CVE-2017-11818	No/No	Less Likely/Less Likely	Important	Important
Windows SMB Denial of Service Vulnerability				Important
CVE-2017-11781	No/No	Unlikely/Unlikely	Important	Important

Keywords:

5 comment(s)

Comments

More info for CVE-2017-11779: https://www.bishopfox.com/blog/2017/10/a-bug-has-no-name-multiple-heap-buffer-overflows-in-the-windows-dns-client/

More info for CVE-2017-11826: http://360coresec.blogspot.com/2017/10/new-office-0day-cve-2017-11826.html

I am seeing chatter about the Oct cumulative update causing BSOD issues in Win10.... and it looks like KB4041691 has already been pulled/expired/replaced

This one talks specifically about 1703
https://www.neowin.net/news/windows-10-mandatory-october-kb4041676-update-is-causing-machines-to-bsod

This one talks about 1607
https://www.reddit.com/r/sysadmin/comments/75o0oq/windows_security_updates_broke_30_of_our_machines/

What I've been reading about the BSOD situation is that it is caused by a duplicate of updates being pushed through WSUS. That seems to be the source of the problems. People not using WSUS should be fine.

https://www.neowin.net/news/windows-10-mandatory-october-kb4041676-update-is-causing-machines-to-bsod

None of the CVE links work for me! I get "CVE ID Not Found".

Since the CVE links are invalid, why isn't there a link provided to each Microsoft KB, or at least list the Microsoft KB #?

Internet Storm Center

October 2017 Security Updates

Comments

Anonymous

Oct 10th 2017
7 years ago

Anonymous

Oct 11th 2017
7 years ago

Anonymous

Oct 12th 2017
7 years ago

Anonymous

Oct 12th 2017
7 years ago

Anonymous

Oct 12th 2017
7 years ago

October 2017 Security Updates

Comments

Anonymous

Oct 10th 20177 years ago

Anonymous

Oct 11th 20177 years ago

Anonymous

Oct 12th 20177 years ago

Anonymous

Oct 12th 20177 years ago

Anonymous

Oct 12th 20177 years ago

Oct 10th 2017
7 years ago

Oct 11th 2017
7 years ago

Oct 12th 2017
7 years ago

Oct 12th 2017
7 years ago

Oct 12th 2017
7 years ago