Microsoft Patch Tuesday August 2017
When Microsoft changed its update process a few months ago, we were initially no longer able to quickly produce our usual assessment of Microsoft's patches. Finally, I think we have a way to get at least some of it back, and this is our first take on it. Please let me know if I should change anything. I know a few people wrote scripts to parse the table. I would recommend that you use Microsoft's own API to do so in the future. The layout of the table may change and screen-scraping is never a good idea.
What do the fields mean:
- Description: Microsoft's description of the flaw
- MSFT Severity: The highest severity Microsoft assigned to the flaw. Sometimes, Microsoft assigns different severities to different versions of the product affected by the flaw.
- CVE: CVE Number
- Disclosed/Exploited: Has the vulnerability been publicly disclosed or exploited in the wild prior to the release of the patch
- Exploitablity: How likley is it, that this vulnerability will be exploited. (old: oldest supported version of the sooftware, current: current software version)
- Client Severity: The severity we (ISC) assigned to this vulnerability for clients (Desktops)
- Server Severtiy: The severity we (ISC) assigned to this vulnerability to servers (servers run software like IIS and are more exposed to the internet)
Expect a few updates as I am refining the table. Use our contact form for feedback.
Description | MSFT Severity | |||
---|---|---|---|---|
CVE | Disclosed/Exploited | Exploitability (old/current) | Client Severity | Server Severity |
Scripting Engine Security Feature Bypass Vulnerability | Important | |||
CVE-2017-8637 | No/No | ?/? | Important | Important |
Windows Subsystem for Linux Denial of Service Vulnerability | ||||
CVE-2017-8627 | Yes/No | ?/? | ||
August 2017 Flash Update | Critical | |||
ADV170010 | No/No | ?/? | Critical | Critical |
Volume Manager Extension Driver Information Disclosure Vulnerability | Important | |||
CVE-2017-8668 | No/No | Less Likely/Less Likely | Important | Important |
Windows Error Reporting Elevation of Privilege Vulnerability | Important | |||
CVE-2017-8633 | Yes/No | More Likely/More Likely | Important | Important |
Microsoft Edge Memory Corruption Vulnerability | Critical | |||
CVE-2017-8661 | No/No | ?/? | Critical | Critical |
Windows Subsystem for Linux Elevation of Privilege Vulnerability | ||||
CVE-2017-8622 | No/No | ?/? | ||
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | |||
CVE-2017-8673 | No/No | ?/? | Important | Important |
Microsoft Edge Security Feature Bypass Vulnerability | Moderate | |||
CVE-2017-8650 | No/No | ?/? | Moderate | Moderate |
Scripting Engine Memory Corruption Vulnerability | Critical | |||
CVE-2017-8634 | No/No | ?/? | Critical | Critical |
CVE-2017-8635 | No/No | More Likely/More Likely | ||
CVE-2017-8636 | No/No | More Likely/More Likely | ||
CVE-2017-8638 | No/No | ?/? | ||
CVE-2017-8639 | No/No | ?/? | ||
CVE-2017-8640 | No/No | ?/? | ||
CVE-2017-8670 | No/No | ?/? | ||
CVE-2017-8671 | No/No | ?/? | ||
CVE-2017-8672 | No/No | ?/? | ||
CVE-2017-8641 | No/No | More Likely/More Likely | ||
CVE-2017-8645 | No/No | ?/? | ||
CVE-2017-8646 | No/No | ?/? | ||
CVE-2017-8647 | No/No | ?/? | ||
CVE-2017-8655 | No/No | ?/? | ||
CVE-2017-8656 | No/No | ?/? | ||
CVE-2017-8657 | No/No | ?/? | ||
CVE-2017-8674 | No/No | ?/? | ||
Windows Hyper-V Remote Code Execution Vulnerability | Important | |||
CVE-2017-8664 | No/No | Less Likely/Less Likely | Important | Important |
Microsoft Browser Memory Corruption Vulnerability | Critical | |||
CVE-2017-8669 | No/No | More Likely/More Likely | Critical | Critical |
CVE-2017-8653 | No/No | More Likely/More Likely | ||
Win32k Information Disclosure Vulnerability | Important | |||
CVE-2017-8666 | No/No | More Likely/More Likely | Important | Important |
Express Compressed Fonts Remote Code Execution Vulnerability | Important | |||
CVE-2017-8691 | No/No | Less Likely/Less Likely | Important | Important |
Windows NetBIOS Denial of Service Vulnerability | Important | |||
CVE-2017-0174 | No/No | Less Likely/Less Likely | Important | Important |
Windows CLFS Elevation of Privilege Vulnerability | Important | |||
CVE-2017-8624 | No/No | More Likely/More Likely | Important | Important |
Windows IME Remote Code Execution Vulnerability | Critical | |||
CVE-2017-8591 | No/No | Less Likely/Less Likely | Critical | Critical |
Microsoft Office SharePoint XSS Vulnerability | Important | |||
CVE-2017-8654 | No/No | Unlikely/Unlikely | Important | Important |
Windows Search Remote Code Execution Vulnerability | Critical | |||
CVE-2017-8620 | No/No | More Likely/More Likely | Critical | Critical |
Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | Important | |||
CVE-2017-8516 | No/No | Unlikely/Unlikely | Important | Important |
Scripting Engine Information Disclosure Vulnerability | Important | |||
CVE-2017-8659 | No/No | ?/? | Important | Important |
Windows Hyper-V Denial of Service Vulnerability | Important | |||
CVE-2017-8623 | No/No | Unlikely/Unlikely | Important | Important |
Microsoft Edge Elevation of Privilege Vulnerability | Important | |||
CVE-2017-8503 | No/No | ?/? | Important | Important |
CVE-2017-8642 | No/No | ?/? | ||
Microsoft Edge Information Disclosure Vulnerability | ||||
CVE-2017-8662 | No/No | ?/? | ||
CVE-2017-8644 | No/No | ?/? | ||
CVE-2017-8652 | No/No | ?/? | ||
Windows PDF Remote Code Execution Vulnerability | Critical | |||
CVE-2017-0293 | No/No | Less Likely/Less Likely | Critical | Critical |
Win32k Elevation of Privilege Vulnerability | Important | |||
CVE-2017-8593 | No/No | More Likely/More Likely | Important | Important |
Internet Explorer Security Feature Bypass Vulnerability | Important | |||
CVE-2017-8625 | No/No | Less Likely/Less Likely | Important | Important |
Microsoft JET Database Engine Remote Code Execution Vulnerability | Critical | |||
CVE-2017-0250 | No/No | Unlikely/Unlikely | Critical | Critical |
Internet Explorer Memory Corruption Vulnerability | ||||
CVE-2017-8651 | No/No | ?/? |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
Keywords:
6 comment(s)
My next class:
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
Diary Archives
Comments
Anonymous
Aug 8th 2017
7 years ago
Anonymous
Aug 8th 2017
7 years ago
Seconded
Anonymous
Aug 8th 2017
7 years ago
https://isc.sans.edu/api/#getmspatchcves
https://isc.sans.edu/api/#getmspatch
Anonymous
Aug 8th 2017
7 years ago
Thanks for trying to fix their mess.
Anonymous
Aug 8th 2017
7 years ago
I'm just wondering is there some reason there are no severity ratings (M$FT or your own) for the following:
* Windows Subsystem for Linux Denial of Service Vulnerability
CVE 2017-8627
* Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE 2017-8622
* Microsoft Edge Information Disclosure Vulnerability
CVE 2017-8662
CVE 2017-8644
CVE 2017-8652
* Internet Explorer Memory Corruption Vulnerability
CVE 2017-8651
Anonymous
Aug 9th 2017
7 years ago