ASB-2017.0216 - [Win] Microsoft Windows: Multiple vulnerabilities 2017-12-13

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0216
                  Security patches for Microsoft Windows
                             13 December 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Microsoft Windows
Impact/Access:        Administrator Compromise       -- Existing Account            
                      Provide Misleading Information -- Remote with User Interaction
                      Access Confidential Data       -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-11927 CVE-2017-11899 CVE-2017-11885
Member content until: Friday, January 12 2018

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of December 2017. [1]
        
        This update resolves 3 vulnerabilities across the following products: 
        
         Windows 10 Version 1511 for 32-bit Systems
         Windows 10 Version 1511 for x64-based Systems
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2017-11885  Remote Code Execution    Important
         CVE-2017-11899  Security Feature Bypass  Important
         CVE-2017-11927  Information Disclosure   Important


MITIGATION

        Microsoft recommends updating the software with the version
        made available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1]
        
        
         KB4054521, KB4054520, KB4054523, KB4054522, KB4053579
         KB4053578, KB4054518, KB4054519, KB4053580, KB4053581
         KB4052303, KB4053473, KB4054517


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWjB0x4x+lLeg9Ub1AQgdkQ//bjR1+wUz8SgkIbQTZpG63e0avEVaQTPQ
htjMqXhulyIcup5sXenL8ZHkCqfpwZtMYoypDHN3qFTK0dZTbXSLns0VYAO9ZCwf
0W8zhqHYL0eYmygLGyeAgwP2dXPQmib+AMbe5uU9liX/dBol/KyDxPTB3ga0Sw93
o8oHdr3tflfUhhThq5IekWTFUCXFXyUxl6vUPGq5DukIje1NrK37VSfdyibvD7+l
8xJ7quq/T51k+2T2idenEH+ZDZqE2jhmjpdyo6KeWhlpDEdun93n9/rTprqwhZp9
PQMR+e4MvNwt3v7z9HpCjkSTvB15k2KwvSfVDlA92t06f4Y0cDZn2t3pCrUTSzbM
7qqM6IapfQdOO/gM1ym2CkQ+s11QZ1FWnXP2PleVxEQUcwrhqyqLNrfrCIHS2LSi
gzlcDvu/SHvnrxSWSTL4R9WAInJWpFkGxy+Wk7HX/3p427esrgYNpqBnPRGwOyq2
ye3ARaz5v5QZTII/x4QLuaF01vxghdppfArcIafqqQzvhm6qkwPqcA9mDdBI+gdD
osaLL/ufDChTbUHz2s0TRQdhaHeSm3xGIcM3PghnHZ0K+mNvG4A6fgUby+jlGd6X
edFmQmV+kuM0j3zfgzD1Cl6u9Qy7CNHbFrO9PajsdOuINx/yv25fQGOqDRaQ0iNx
pjfqv1XMsK0=
=+c6Z
-----END PGP SIGNATURE-----

« Back to bulletins