October 2017 Security Updates
Description | MSFT Severity | |||
---|---|---|---|---|
CVE | Disclosed/Exploited | Exploitability (old/current) | Client Severity | Server Severity |
Microsoft Office Remote Code Execution Vulnerability | Important | |||
CVE-2017-11825 | No/No | ?/? | Critical | Important |
Internet Explorer Memory Corruption Vulnerability | Critical | |||
CVE-2017-11822 | No/No | More Likely/More Likely | Critical | Critical |
CVE-2017-11813 | No/No | ?/? | ||
Windows Subsystem for Linux Denial of Service Vulnerability | Important | |||
CVE-2017-8703 | Yes/No | ?/? | Important | Important |
Microsoft Edge Memory Corruption Vulnerability | Important | |||
CVE-2017-8726 | No/No | ?/? | Important | Important |
Microsoft Office Memory Corruption Vulnerability | Important | |||
CVE-2017-11826 | Yes/Yes | More Likely/Detected | Patch Now | Important |
Scripting Engine Memory Corruption Vulnerability | Critical | |||
CVE-2017-11821 | No/No | ?/? | Critical | Critical |
CVE-2017-11792 | No/No | ?/? | ||
CVE-2017-11793 | No/No | More Likely/More Likely | ||
CVE-2017-11796 | No/No | ?/? | ||
CVE-2017-11798 | No/No | ?/? | ||
CVE-2017-11799 | No/No | ?/? | ||
CVE-2017-11800 | No/No | ?/? | ||
CVE-2017-11801 | No/No | ?/? | ||
CVE-2017-11802 | No/No | ?/? | ||
CVE-2017-11804 | No/No | ?/? | ||
CVE-2017-11805 | No/No | ?/? | ||
CVE-2017-11806 | No/No | ?/? | ||
CVE-2017-11807 | No/No | ?/? | ||
CVE-2017-11808 | No/No | ?/? | ||
CVE-2017-11809 | No/No | ?/? | ||
CVE-2017-11810 | No/No | More Likely/More Likely | ||
CVE-2017-11811 | No/No | ?/? | ||
CVE-2017-11812 | No/No | ?/? | ||
Microsoft Windows Security Feature Bypass | Important | |||
CVE-2017-11823 | No/No | More Likely/More Likely | Important | Important |
Windows SMB Information Disclosure Vulnerability | Important | |||
CVE-2017-11815 | No/No | ?/? | Important | Important |
Windows Shell Memory Corruption Vulnerability | Critical | |||
CVE-2017-8727 | No/No | More Likely/More Likely | Critical | Critical |
Windows Server 2008 Defense in Depth | ||||
ADV170016 | No/No | Less Likely/Less Likely | ||
Windows Information Disclosure Vulnerability | Important | |||
CVE-2017-11817 | No/No | Less Likely/Less Likely | Important | Important |
Internet Explorer Information Disclosure Vulnerability | Important | |||
CVE-2017-11790 | No/No | Less Likely/Less Likely | Important | Important |
Microsoft Office SharePoint XSS Vulnerability | Important | |||
CVE-2017-11775 | No/No | Less Likely/Less Likely | N/A | Important |
CVE-2017-11777 | Yes/No | Less Likely/Less Likely | ||
CVE-2017-11820 | No/No | Less Likely/Less Likely | ||
Windows Search Remote Code Execution Vulnerability | Critical | |||
CVE-2017-11771 | No/No | More Likely/More Likely | Critical | Critical |
Windows Shell Remote Code Execution Vulnerability | Critical | |||
CVE-2017-11819 | No/No | ?/? | Critical | Critical |
Microsoft Outlook Security Feature Bypass Vulnerability | Important | |||
CVE-2017-11774 | No/No | Less Likely/Less Likely | Important | Important |
Scripting Engine Information Disclosure Vulnerability | Critical | |||
CVE-2017-11797 | No/No | ?/? | Critical | Critical |
Windows SMB Elevation of Privilege Vulnerability | Important | |||
CVE-2017-11782 | No/No | More Likely/More Likely | Important | Important |
Windows Security Feature Bypass Vulnerability | Important | |||
CVE-2017-8715 | No/No | More Likely/More Likely | Important | Important |
Microsoft Graphics Information Disclosure Vulnerability | Important | |||
CVE-2017-8693 | No/No | More Likely/More Likely | Important | Important |
Windows Elevation of Privilege Vulnerability | Important | |||
CVE-2017-11783 | No/No | More Likely/More Likely | Important | Important |
Microsoft Search Information Disclosure Vulnerability | Important | |||
CVE-2017-11772 | No/No | More Likely/More Likely | Important | Important |
Microsoft Graphics Remote Code Execution Vulnerability | Critical | |||
CVE-2017-11762 | No/No | More Likely/More Likely | Critical | Critical |
CVE-2017-11763 | No/No | More Likely/More Likely | ||
Microsoft Outlook Information Disclosure Vulnerability | Important | |||
CVE-2017-11776 | No/No | Unlikely/Unlikely | Important | Important |
Skype for Business Elevation of Privilege Vulnerability | Important | |||
CVE-2017-11786 | No/No | Unlikely/Unlikely | Important | Important |
Optional Windows NTLM SSO authentication changes | ||||
ADV170014 | No/No | Less Likely/Less Likely | ||
Microsoft Edge Information Disclosure Vulnerability | ||||
CVE-2017-11794 | No/No | ?/? | ||
Vulnerability in TPM could allow Security Feature Bypass | Critical | |||
ADV170012 | No/No | Less Likely/Less Likely | Critical | Critical |
Windows DNSAPI Remote Code Execution Vulnerability | Critical | |||
CVE-2017-11779 | No/No | Less Likely/Less Likely | Critical | Critical |
Win32k Elevation of Privilege Vulnerability | Important | |||
CVE-2017-8689 | No/No | More Likely/More Likely | Important | Important |
CVE-2017-8694 | No/No | More Likely/More Likely | ||
Windows Graphics Component Elevation of Privilege Vulnerability | Important | |||
CVE-2017-11824 | No/No | ?/? | Important | Important |
Windows Kernel Information Disclosure Vulnerability | Important | |||
CVE-2017-11765 | No/No | More Likely/More Likely | Important | Important |
CVE-2017-11784 | No/No | Less Likely/Less Likely | ||
CVE-2017-11785 | No/No | Less Likely/Less Likely | ||
CVE-2017-11814 | No/No | More Likely/More Likely | ||
Windows Update Delivery Optimization Elevation of Privilege Vulnerability | Important | |||
CVE-2017-11829 | No/No | Less Likely/Less Likely | Important | Important |
Windows SMB Remote Code Execution Vulnerability | Important | |||
CVE-2017-11780 | No/No | More Likely/More Likely | Important | Important |
Office Defense in Depth Update | None | |||
ADV170017 | No/No | Less Likely/Less Likely | None | None |
Windows GDI Information Disclosure Vulnerability | Important | |||
CVE-2017-11816 | No/No | More Likely/More Likely | Important | Important |
TRIE Remote Code Execution Vulnerability | Important | |||
CVE-2017-11769 | No/No | Less Likely/Less Likely | Important | Important |
Microsoft JET Database Engine Remote Code Execution Vulnerability | Important | |||
CVE-2017-8717 | No/No | Less Likely/Less Likely | Important | Important |
CVE-2017-8718 | No/No | Less Likely/Less Likely | ||
Windows Storage Security Feature Bypass Vulnerability | Important | |||
CVE-2017-11818 | No/No | Less Likely/Less Likely | Important | Important |
Windows SMB Denial of Service Vulnerability | Important | |||
CVE-2017-11781 | No/No | Unlikely/Unlikely | Important | Important |
Keywords:
5 comment(s)
×
Diary Archives
Comments
More info for CVE-2017-11826: http://360coresec.blogspot.com/2017/10/new-office-0day-cve-2017-11826.html
Anonymous
Oct 10th 2017
7 years ago
This one talks specifically about 1703
https://www.neowin.net/news/windows-10-mandatory-october-kb4041676-update-is-causing-machines-to-bsod
This one talks about 1607
https://www.reddit.com/r/sysadmin/comments/75o0oq/windows_security_updates_broke_30_of_our_machines/
Anonymous
Oct 11th 2017
7 years ago
https://www.neowin.net/news/windows-10-mandatory-october-kb4041676-update-is-causing-machines-to-bsod
Anonymous
Oct 12th 2017
7 years ago
Anonymous
Oct 12th 2017
7 years ago
Anonymous
Oct 12th 2017
7 years ago