VERT Threat Alert - January 10, 2017

Today’s VERT Alert addresses 4 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-706 on Wednesday, January 11th.

Ease of Use (published exploits) to Risk Table

Ease of use:
  Automated Exploit:    (none)
  Easy:                 MS17-001
  Moderate:             (none)
  Difficult:            (none)
  Extremely Difficult:  MS17-004
  No Known Exploit:     MS17-002, MS17-003

Exposure categories: Local Availability, Local Access, Remote Availability, Remote Access, Local Privileged, Remote Privileged

MS17-001: Security Update for Microsoft Edge (KB3214288)
MS17-002: Security Update for Microsoft Office (KB3214291)
MS17-003: Security Update for Adobe Flash Player (KB3214628)
MS17-004: Security Update for Local Security Authority Subsystem Service (KB3216771)

MS17-001

Microsoft is starting off 2017 with a minimal set of patches: 4 bulletins and 15 CVEs, 12 of which are Flash-related. The first bulletin this month resolves a single vulnerability in Microsoft Edge and, since this vulnerability is Edge-specific, there is no IE bulletin this month. The vulnerability is an elevation of privilege caused by a lack of cross-domain policy enforcement with the about:blank page.

CVE-2017-0002 was publicly disclosed.

MS17-002

The second bulletin this month addresses a single vulnerability in Microsoft Word and SharePoint Enterprise Server 2016 that could allow code execution when opening malicious files.

MS17-003

The penultimate update this month is the companion update to APSB17-02. This update resolves a dozen vulnerabilities affecting Adobe Flash.

MS17-004

The final bulletin this month addresses an unauthenticated denial of service vulnerability in the Local Security Authority Subsystem Service, better known as LSASS. A malicious authentication request could result in the targeted system crashing.

CVE-2017-0004 was publicly disclosed.

Additional Details

As always, VERT recommends that you apply all the patches as soon as possible but also that you fully vet patches (when possible) before applying them to production systems.