Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.1686 Android Security Bulletin July 2017 6 July 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Android Publisher: Google Operating System: Android Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Root Compromise -- Existing Account Modify Arbitrary Files -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2017-9417 CVE-2017-8273 CVE-2017-8272 CVE-2017-8271 CVE-2017-8270 CVE-2017-8269 CVE-2017-8268 CVE-2017-8267 CVE-2017-8266 CVE-2017-8265 CVE-2017-8264 CVE-2017-8263 CVE-2017-8262 CVE-2017-8261 CVE-2017-8260 CVE-2017-8259 CVE-2017-8258 CVE-2017-8257 CVE-2017-8256 CVE-2017-8255 CVE-2017-8254 CVE-2017-8253 CVE-2017-8246 CVE-2017-8243 CVE-2017-7308 CVE-2017-6074 CVE-2017-5970 CVE-2017-3544 CVE-2017-0711 CVE-2017-0710 CVE-2017-0709 CVE-2017-0708 CVE-2017-0707 CVE-2017-0706 CVE-2017-0705 CVE-2017-0704 CVE-2017-0703 CVE-2017-0702 CVE-2017-0701 CVE-2017-0700 CVE-2017-0699 CVE-2017-0698 CVE-2017-0697 CVE-2017-0696 CVE-2017-0695 CVE-2017-0694 CVE-2017-0693 CVE-2017-0692 CVE-2017-0691 CVE-2017-0690 CVE-2017-0689 CVE-2017-0688 CVE-2017-0686 CVE-2017-0685 CVE-2017-0684 CVE-2017-0683 CVE-2017-0682 CVE-2017-0681 CVE-2017-0680 CVE-2017-0679 CVE-2017-0678 CVE-2017-0677 CVE-2017-0676 CVE-2017-0675 CVE-2017-0674 CVE-2017-0673 CVE-2017-0672 CVE-2017-0671 CVE-2017-0670 CVE-2017-0669 CVE-2017-0668 CVE-2017-0667 CVE-2017-0666 CVE-2017-0665 CVE-2017-0664 CVE-2017-0642 CVE-2017-0540 CVE-2017-0340 CVE-2017-0326 CVE-2016-10391 CVE-2016-10389 CVE-2016-10388 CVE-2016-10383 CVE-2016-10382 CVE-2016-10347 CVE-2016-10346 CVE-2016-10344 CVE-2016-10343 CVE-2016-5872 CVE-2016-5871 CVE-2016-5863 CVE-2016-2109 CVE-2015-9073 CVE-2015-9072 CVE-2015-9071 CVE-2015-9070 CVE-2015-9069 CVE-2015-9068 CVE-2015-9067 CVE-2015-9062 CVE-2015-9061 CVE-2015-9060 CVE-2015-9055 CVE-2015-9054 CVE-2015-9053 CVE-2015-9052 CVE-2015-9051 CVE-2015-9050 CVE-2015-9049 CVE-2015-9048 CVE-2015-9047 CVE-2015-9046 CVE-2015-9045 CVE-2015-9044 CVE-2015-9043 CVE-2015-9042 CVE-2015-9041 CVE-2015-9040 CVE-2015-9039 CVE-2015-9038 CVE-2015-9037 CVE-2015-9036 CVE-2015-9035 CVE-2015-9034 CVE-2015-8596 CVE-2015-8595 CVE-2015-8592 CVE-2015-5707 CVE-2015-0575 CVE-2014-9980 CVE-2014-9979 CVE-2014-9978 CVE-2014-9977 CVE-2014-9975 CVE-2014-9974 CVE-2014-9973 CVE-2014-9968 CVE-2014-9731 CVE-2014-9411 Reference: ASB-2017.0080 ASB-2017.0078 ESB-2017.1685 ESB-2017.1539 ESB-2017.1420 Original Bulletin: https://source.android.com/security/bulletin/2017-07-01 - --------------------------BEGIN INCLUDED TEXT-------------------- Android Security Bulletin July 2017 Published July 5, 2017 The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of July 05, 2017 or later address all of these issues. Refer to the Pixel and Nexus update schedule to learn how to check a device's security patch level. Partners were notified of the issues described in the bulletin at least a month ago. Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. We will revise this bulletin with the AOSP links when they are available. The most severe of these issues is a critical security vulnerability in media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed. We have had no reports of active customer exploitation or abuse of these newly reported issues. Refer to the Android and Google Play Protect mitigations section for details on the Android security platform protections and Google Play Protect, which improve the security of the Android platform. We encourage all customers to accept these updates to their devices. Note: Information on the latest over-the-air update (OTA) and firmware images for Google devices is available in the Google device updates section. Announcements This bulletin has two security patch level strings to provide Android partners with the flexibility to more quickly fix a subset of vulnerabilities that are similar across all Android devices. See Common questions and answers for additional information: 2017-07-01: Partial security patch level string. This security patch level string indicates that all issues associated with 2017-07-01 (and all previous security patch level strings) are addressed. 2017-07-05: Complete security patch level string. This security patch level string indicates that all issues associated with 2017-07-01 and 2017-07-05 (and all previous security patch level strings) are addressed. Android and Google Play Protect mitigations This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android. Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible. The Android security actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play. 2017-07-01 security patch levelVulnerability details In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-07-01 patch level. Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID. Runtime The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. CVE References Type Severity Updated AOSP versions CVE-2017-3544 A-35784677 RCE Moderate 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 Framework The most severe vulnerability in this section could enable a local malicious application using a specially crafted file to execute arbitrary code within the context of an application that uses the library. CVE References Type Severity Updated AOSP versions CVE-2017-0664 A-36491278 EoP High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0665 A-36991414 EoP High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0666 A-37285689 EoP High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0667 A-37478824 EoP High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0668 A-22011579 ID Moderate 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0669 A-34114752 ID High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0670 A-36104177 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 Libraries The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an application that uses the library. CVE References Type Severity Updated AOSP versions CVE-2017-0671 A-34514762 RCE High 4.4.4 CVE-2016-2109 A-35443725 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0672 A-34778578 DoS High 7.0, 7.1.1, 7.1.2 Media framework The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. CVE References Type Severity Updated AOSP versions CVE-2017-0540 A-33966031 RCE Critical 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0673 A-33974623 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0674 A-34231163 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0675 A-34779227 RCE Critical 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0676 A-34896431 RCE Critical 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0677 A-36035074 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0678 A-36576151 RCE Critical 7.0, 7.1.1, 7.1.2 CVE-2017-0679 A-36996978 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0680 A-37008096 RCE Critical 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0681 A-37208566 RCE Critical 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0682 A-36588422 RCE High 7.0, 7.1.1, 7.1.2 CVE-2017-0683 A-36591008 RCE High 7.0, 7.1.1, 7.1.2 CVE-2017-0684 A-35421151 EoP High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0685 A-34203195 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0686 A-34231231 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0688 A-35584425 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0689 A-36215950 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0690 A-36592202 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0691 A-36724453 DoS High 7.0, 7.1.1, 7.1.2 CVE-2017-0692 A-36725407 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0693 A-36993291 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0694 A-37093318 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0695 A-37094889 DoS High 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0696 A-37207120 DoS High 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0697 A-37239013 DoS High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0698 A-35467458 ID Moderate 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0699 A-36490809 ID Moderate 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 System UI The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. CVE References Type Severity Updated AOSP versions CVE-2017-0700 A-35639138 RCE High 7.1.1, 7.1.2 CVE-2017-0701 A-36385715 RCE High 7.1.1, 7.1.2 CVE-2017-0702 A-36621442 RCE High 7.1.1, 7.1.2 CVE-2017-0703 A-33123882 EoP High 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 CVE-2017-0704 A-33059280 EoP Moderate 7.1.1, 7.1.2 2017-07-05 security patch levelVulnerability details In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-07-05 patch level. Vulnerabilities are grouped under the component that they affect and include details such as the CVE, associated references, type of vulnerability, severity, component (where applicable), and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID. Broadcom components The most severe vulnerability in this section could enable a proximate attacker to execute arbitrary code within the context of the kernel. CVE References Type Severity Component CVE-2017-9417 A-38041027* B-RB#123023 RCE Critical Wi-Fi driver CVE-2017-0705 A-34973477* B-RB#119898 EoP Moderate Wi-Fi driver CVE-2017-0706 A-35195787* B-RB#120532 EoP Moderate Wi-Fi driver HTC components The most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE References Type Severity Component CVE-2017-0707 A-36088467* EoP Moderate LED driver CVE-2017-0708 A-35384879* ID Moderate Sound driver CVE-2017-0709 A-35468048* ID Low Sensor hub driver Kernel components The most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE References Type Severity Component CVE-2017-6074 A-35784697 Upstream kernel EoP High Networking subsystem CVE-2017-5970 A-35805460 Upstream kernel DoS High Networking subsystem CVE-2015-5707 A-35841297 Upstream kernel [2] EoP Moderate SCSI driver CVE-2017-0710 A-34951864* EoP Moderate TCB CVE-2017-7308 A-36725304 Upstream kernel [2] [3] EoP Moderate Networking driver CVE-2014-9731 A-35841292 Upstream kernel ID Moderate File system MediaTek components The most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE References Type Severity Component CVE-2017-0711 A-36099953* M-ALPS03206781 EoP High Networking driver NVIDIA components The most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE References Type Severity Component CVE-2017-0340 A-33968204* N-CVE-2017-0340 EoP High Libnvparser CVE-2017-0326 A-33718700* N-CVE-2017-0326 ID Moderate Video driver Qualcomm components The most severe vulnerability in this section could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE References Type Severity Component CVE-2017-8255 A-36251983 QC-CR#985205 EoP High Bootloader CVE-2016-10389 A-34500449 QC-CR#1009145 EoP High Bootloader CVE-2017-8253 A-35400552 QC-CR#1086764 EoP High Camera driver CVE-2017-8262 A-32938443 QC-CR#2029113 EoP High GPU driver CVE-2017-8263 A-34126808* QC-CR#1107034 EoP High Anonymous shared memory subsystem CVE-2017-8267 A-34173755* QC-CR#2001129 EoP High Anonymous shared memory subsystem CVE-2017-8273 A-35400056 QC-CR#1094372 [2] EoP High Bootloader CVE-2016-5863 A-36251182 QC-CR#1102936 EoP Moderate USB HID driver CVE-2017-8243 A-34112490* QC-CR#2001803 EoP Moderate SoC driver CVE-2017-8246 A-37275839 QC-CR#2008031 EoP Moderate Sound driver CVE-2017-8256 A-37286701 QC-CR#1104565 EoP Moderate Wi-Fi driver CVE-2017-8257 A-37282763 QC-CR#2003129 EoP Moderate Video driver CVE-2017-8259 A-34359487 QC-CR#2009016 EoP Moderate SoC driver CVE-2017-8260 A-34624155 QC-CR#2008469 EoP Moderate Camera driver CVE-2017-8261 A-35139833* QC-CR#2013631 EoP Moderate Camera driver CVE-2017-8264 A-33299365* QC-CR#1107702 EoP Moderate Camera driver CVE-2017-8265 A-32341313 QC-CR#1109755 EoP Moderate Video driver CVE-2017-8266 A-33863407 QC-CR#1110924 EoP Moderate Video driver CVE-2017-8268 A-34620535* QC-CR#2002207 EoP Moderate Camera driver CVE-2017-8270 A-35468665* QC-CR#2021363 EoP Moderate Wi-Fi driver CVE-2017-8271 A-35950388* QC-CR#2028681 EoP Moderate Video driver CVE-2017-8272 A-35950805* QC-CR#2028702 EoP Moderate Video driver CVE-2017-8254 A-36252027 QC-CR#832914 ID Moderate Sound driver CVE-2017-8258 A-37279737 QC-CR#2005647 ID Moderate Camera driver CVE-2017-8269 A-33967002* QC-CR#2013145 ID Moderate IPA Driver Qualcomm closed-source components These vulnerabilities affect Qualcomm components and are described in further detail in Qualcomm AMSS security bulletins in 2014-2016. They are included in this Android security bulletin in order to associate their fixes with an Android security patch level. Fixes for these vulnerabilities are available directly from Qualcomm. CVE References Type Severity Component CVE-2014-9411 A-37473054* QC-CR#532956 N/A High Secure systems group CVE-2014-9968 A-37304413* QC-CR#642084 N/A High Modem CVE-2014-9973 A-37470982* QC-CR#646919 N/A High Secure systems group CVE-2014-9974 A-37471979* QC-CR#654072 N/A High Secure systems group CVE-2014-9975 A-37471230* QC-CR#700125 N/A High Secure systems group CVE-2014-9977 A-37471087* QC-CR#703002 N/A High Secure systems group CVE-2014-9978 A-37468982* QC-CR#709939 N/A High Secure systems group CVE-2014-9979 A-37471088* QC-CR#717304 N/A High Secure systems group CVE-2014-9980 A-37471029* QC-CR#709766 N/A High Secure systems group CVE-2015-0575 A-37296999* QC-CR#715815 N/A High Modem CVE-2015-8592 A-37470090* QC-CR#775396 N/A High Core CVE-2015-8595 A-37472411* QC-CR#790151 N/A High Secure systems group CVE-2015-8596 A-37472806* QC-CR#802005 N/A High Secure systems group CVE-2015-9034 A-37305706* QC-CR#614512 N/A High Modem CVE-2015-9035 A-37303626* QC-CR#750231 N/A High Modem CVE-2015-9036 A-37303519* QC-CR#751831 N/A High Modem CVE-2015-9037 A-37304366* QC-CR#753315 N/A High Modem CVE-2015-9038 A-37303027* QC-CR#758328 N/A High Modem CVE-2015-9039 A-37302628* QC-CR#760282 N/A High Modem CVE-2015-9040 A-37303625* QC-CR#761216 N/A High Modem CVE-2015-9041 A-37303518* QC-CR#762126 N/A High Modem CVE-2015-9042 A-37301248* QC-CR#762214 N/A High Modem CVE-2015-9043 A-37305954* QC-CR#762954 N/A High Modem CVE-2015-9044 A-37303520* QC-CR#764858 N/A High Modem CVE-2015-9045 A-37302136* QC-CR#766189 N/A High Modem CVE-2015-9046 A-37301486* QC-CR#767335 N/A High Modem CVE-2015-9047 A-37304367* QC-CR#779285 N/A High Modem CVE-2015-9048 A-37305707* QC-CR#795960 N/A High Modem CVE-2015-9049 A-37301488* QC-CR#421589, QC-CR#817165 N/A High Modem CVE-2015-9050 A-37302137* QC-CR#830102 N/A High Modem CVE-2015-9051 A-37300737* QC-CR#837317 N/A High Modem CVE-2015-9052 A-37304217* QC-CR#840483 N/A High Modem CVE-2015-9053 A-37301249* QC-CR#843808 N/A High Modem CVE-2015-9054 A-37303177* QC-CR#856077 N/A High Modem CVE-2015-9055 A-37472412* QC-CR#806464 N/A High Core CVE-2015-9060 A-37472807* QC-CR#817343 N/A High Secure systems group CVE-2015-9061 A-37470436* QC-CR#824195 N/A High Secure systems group CVE-2015-9062 A-37472808* QC-CR#802039 N/A High Secure systems group CVE-2015-9067 A-37474000* QC-CR#848926 N/A High Secure systems group CVE-2015-9068 A-37470144* QC-CR#851114 N/A High Secure systems group CVE-2015-9069 A-37470777* QC-CR#854496 N/A High Secure systems group CVE-2015-9070 A-37474001* QC-CR#877102 N/A High Secure systems group CVE-2015-9071 A-37471819* QC-CR#877276 N/A High Secure systems group CVE-2015-9072 A-37474002* QC-CR#877361 N/A High Secure systems group CVE-2015-9073 A-37473407* QC-CR#878073 N/A High Secure systems group CVE-2016-10343 A-32580186* QC-CR#972213 N/A High Modem CVE-2016-10344 A-32583954* QC-CR#1022360 N/A High Modem CVE-2016-10346 A-37473408* QC-CR#896584 N/A High Core CVE-2016-10347 A-37471089* QC-CR#899671 N/A High Core CVE-2016-10382 A-28823584* QC-CR#944014 N/A High Secure systems group CVE-2016-10383 A-28822389* QC-CR#960624 N/A High Secure systems group CVE-2016-10388 A-32580294* QC-CR#992749 N/A High Secure systems group CVE-2016-10391 A-32583804* QC-CR#970283 N/A High WConnect CVE-2016-5871 A-37473055* QC-CR#883013 N/A High Secure systems group CVE-2016-5872 A-37472809* QC-CR#886220 N/A High Secure systems group Google device updates This table contains the security patch level in the latest over-the-air update (OTA) and firmware images for Google devices. The Google device firmware images are available on the Google Developer site. Google device Security patch level Pixel / Pixel XL July 05, 2017 Nexus 5X July 05, 2017 Nexus 6 July 05, 2017 Nexus 6P July 05, 2017 Nexus 9 July 05, 2017 Nexus Player July 05, 2017 Pixel C July 05, 2017 Acknowledgements We would like to thank these researchers for their contributions: CVEs Researchers CVE-2017-0711 Chengming Yang, Baozeng Ding, and Yang Song of Alibaba Mobile Security Group CVE-2017-0706 Daxing Guo (@freener0) of Xuanwu Lab, Tencent CVE-2017-8260 Derrek (@derrekr6) and Scott Bauer CVE-2017-8265 Di Shen (@returnsme) of KeenLab (@keen_lab), Tencent CVE-2017-0703 Dzmitry Lukyanenka CVE-2017-0692, CVE-2017-0694 Elphet and Gong Guang of Alpha , Qihoo 360 Technology Co. Ltd. CVE-2017-8266, CVE-2017-8243, CVE-2017-8270 Gengjia Chen (@chengjia4574) and pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-0665, CVE-2017-0681 Hanxiang Wen, Mingjian Zhou (@Mingjian_Zhou), and Xuxian Jiang of C0RE CVE-2017-8268, CVE-2017-8261 Jianqiang Zhao (@jianqiangzhao) and pjf of IceSword Lab, Qihoo 360 CVE-2017-0698 Joey Brand of Census Consulting Inc. CVE-2017-0666, CVE-2017-0684 Mingjian Zhou (@Mingjian_Zhou), Chi Zhang, and Xuxian Jiang of C0RE CVE-2017-0697, CVE-2017-0670 Niky1235 (@jiych_guru) CVE-2017-9417 Nitay Artenstein of Exodus Intelligence CVE-2017-0705, CVE-2017-8259 Scott Bauer CVE-2017-0667 Timothy Becker of CSS Inc. CVE-2017-0642, CVE-2017-0682, CVE-2017-0683, CVE-2017-0676, CVE-2017-0696,CVE-2017-0675, CVE-2017-0701, CVE-2017-0702, CVE-2017-0699 Vasily Vasiliev CVE-2017-0695, CVE-2017-0689, CVE-2017-0540, CVE-2017-0680, CVE-2017-0679, CVE-2017-0685, CVE-2017-0686, CVE-2017-0693,CVE-2017-0674, CVE-2017-0677 V.E.O (@VYSEa) of Mobile Threat Response , Trend Micro CVE-2017-0708 Xiling Gong of Tencent Security Platform Department CVE-2017-0690 Yangkang (@dnpushme) and Liyadong of Qihoo 360 Qex CVE-2017-8269, CVE-2017-8271, CVE-2017-8272, CVE-2017-8267 Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-8264, CVE-2017-0326, CVE-2017-0709 Yuan-Tsung Lo (computernik@gmail.com) and Xuxian Jiang of C0RE CVE-2017-0704, CVE-2017-0669 Yuxiang Li (@Xbalien29) of Tencent Security Platform Department CVE-2017-0678 Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2017-0691, CVE-2017-0700 Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. and Ao Wang (@ArayzSegment) of Pangu - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWV2csIx+lLeg9Ub1AQhfZQ//R4MnLyxwLS8giOTzyYuCWioxMUPnYMIT H6fBPkAtDepEgcRHbI+7GTTvaIdoTvNDH0Em1rUfCHcDfB96w3mnKzlawOmcfvy/ b4jiR+breVu6Jxbjq/2eW9RrMJIM38SyZ7BfzbqhDveWXb7Cpwml/vTtLMzKXaFi XQC7/Ce8IWNdM0FUPfKTGx1cVE+wrUMi6UQH7Kqxt3wrnshrr+vondbvYnlr3BNZ Iy+FpJ0UKttNxKXQrWA8AxDhO8lEjtSkS+f9e0SzJFnT+10HnfwlxW6etEa4Suwq spe8+tdFidp2GJcL19hwrU8PVFyWVMMgKCaDXNdluy8HpMGic3cho827M0ADSNS6 vg8O19x6WEtL6BArmt34SxU+pMGwh4zbnObDDYwEcN0LIHUFGIdy+V0roBCnbU+w Qrfx1aVbpDpMN7wgBjYoxw6V4Fi2Tdv24My4VzwYqoTopl5jNWm99OKWfWo4mqUu 2kk6FihjpZdHam7PPm/9Xtk3AbqeH96Wcw1cj2hP9qgN03LtqGA3XfuRNhDjYKKv 3SD5/e1ON9VF4NqEdKWkTfn8Q5UDQ4PrOSjnhTsXjRO4CeGe0UDhSxs+nJlLr2ij mfju6eGjW53ApGSlNHjO+rzsc5j4VHGph6lUqEszGHLeY6PPvLhwbu/oJ6azougA /ahxZA3AKbk= =agte -----END PGP SIGNATURE-----