Virtual Administrator’s July 2017 Patch Recommendations

This month Microsoft released patches for 54 vulnerabilities with 19 of them rated Critical, 32 rated Important and 3 rated Moderate.

The most concerning vulnerability this month is CVE-2017-8589. This is a bug in the Windows Search Service which can be exploited remotely via the SMB file-sharing service in Windows. The fix is included in the monthly rollups.

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

Affected software includes:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • .NET Framework
  • Adobe Flash Player
  • Microsoft Exchange Server

Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance

Microsoft Security Advisory 4033453 (Published: June 27, 2017)
Vulnerability in Azure AD Connect Could Allow Elevation of Privilege
https://technet.microsoft.com/en-us/library/security/4033453.aspx

Verify if your organization is affected
This issue only affects customers who have enabled the Password writeback feature on Azure AD Connect.

Heads Up!

Important note for CVE-2017-8563: After installing the updates for CVE-2017-8563, to make LDAP authentication over SSL/TLS more secure, administrators need to create a LdapEnforceChannelBinding registry setting on a Domain Controller. For more information about setting this registry key, see Notable Patches below and the following article:
“Use the LdapEnforceChannelBinding registry entry to make LDAP authentication over SSL/TLS more secure”
https://support.microsoft.com/en-us/help/4034879/how-to-add-the-ldapenforcechannelbinding-registry-entry
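
A read-only check for the setting described above, added here as an example and not part of the original post. The registry path and the meanings of the values 0, 1 and 2 are taken from Microsoft's KB4034879 article linked above rather than from this page, and the function name Get-LdapChannelBindingState is hypothetical.

```powershell
# Added example: read-only audit of LdapEnforceChannelBinding on a domain controller.
# Registry path and value meanings come from Microsoft KB4034879 (linked above),
# not from this post. Get-LdapChannelBindingState is a hypothetical name.
function Get-LdapChannelBindingState {
    param(
        # AD DS location; KB4034879 documents a per-instance path for AD LDS
        [string]$RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
    )
    $name = 'LdapEnforceChannelBinding'
    $meaning = @{
        0 = 'Disabled: no channel binding validation'
        1 = 'Enabled, when supported'
        2 = 'Enabled, always'
    }

    # SilentlyContinue: an absent key or value yields $null instead of an error
    $prop = Get-ItemProperty -Path $RegistryPath -Name $name -ErrorAction SilentlyContinue

    if ($null -eq $prop) {
        $value = $null
        $state = 'Not configured: the value has not been created on this server'
    } else {
        $value = [int]$prop.$name
        if ($meaning.ContainsKey($value)) {
            $state = $meaning[$value]
        } else {
            $state = "Unrecognized value $value"
        }
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Value    = $value
        State    = $state
        # Only 1 and 2 turn channel binding validation on
        Enforced = ($value -eq 1 -or $value -eq 2)
    }
}

# Run locally on the server being checked
Get-LdapChannelBindingState
```

The value is stored in each server's own registry, so the check has to be run on every domain controller rather than once per domain.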

Comodo Internet Security Suite – older versions block Windows 10 (Version 1703) KB4025342
https://support.microsoft.com/en-us/help/4025342/windows-10-update-kb4025342
If you have not installed the latest version of Comodo Internet Security Suite, you will not have this Windows Update offered to your device automatically.
Comodo is aware of incompatibility issues with earlier versions of the Comodo Internet Security Suite. For additional information, please see here or contact Comodo.

A blank page or “404” error prints when you try to print a frame in Internet Explorer versions 9 through 11
https://support.microsoft.com/en-us/help/4032782/a-blank-page-or-404-error-prints-when-you-try-to-print-a-frame-in-ie
Microsoft released KB4032782 to fix this on June 23. KB4032782 introduced a new problem where Internet Explorer 11 may close unexpectedly when you visit some websites. July’s cumulative update for Internet Explorer states “Addressed issue introduced by KB4032782 where Internet Explorer may close unexpectedly when you visit some websites.” but the link above still shows “Microsoft is researching this problem and will update this article when more information becomes available.”

Cloudy Outlook
Outlook known issues in the June 2017 security updates
https://support.office.com/en-us/article/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&rs=en-US&ad=US&fromAR=1
Microsoft released patches for Issues #1, #2 and #3 over the past couple of weeks. Apparently none of them work. Microsoft removed the “FIXED” status without explanation and pulled the patches. The #3 fix is only for Office 365 customers on Current channel. We will update this blog as fixes become available. Until then, you will need to manually apply the workarounds.

Issues #5 and #7 fixes are included in this month’s cumulative update/rollup

Monthly Rollup/Security Only/Windows 10/Server 2016 KBs

July 2017 security monthly quality rollup

  • KB4025341 – Windows 7, Windows Server 2008 R2
  • KB4025336 – Windows 8.1, Windows Server 2012 R2
  • KB4025331 – Windows Server 2012

July 2017 security only quality update

  • KB4025337 – Windows 7, Windows Server 2008 R2
  • KB4025333 – Windows 8.1, Windows Server 2012 R2
  • KB4025343 – Windows Server 2012

.NET Framework
July, 2017 Security and Quality Rollup for .NET Framework is not a separate patch but is included in the cumulative update for Windows 10/2016

Cumulative update for Windows 10

  • KB4025338 – Original release version 1507 (OS Build 10240)
  • KB4025344 – Version 1511 (OS Build 10586)
  • KB4025339 – Version 1607 “Anniversary Update” (OS Build 14393)
  • KB4025342 – Version 1703 “Creators Update” (OS Build 15063)

Note: Server 2016 uses the same KB as Windows 10 Version 1607

Cumulative Security Update for Internet Explorer 9/10/11
KB4025252 – This cumulative update is included in the monthly updates listed above. It can be installed instead of the monthly update to secure Internet Explorer; otherwise it is “superseded” by the monthly update.

Notable Patches

CVE-2017-8589 | Windows Search Remote Code Execution Vulnerability

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8589
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVE-2017-8585 | .NET Denial of Service Vulnerability

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8585
Affects Windows 10 and Windows Server 2016
A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application.

CVE-2017-8563 | Windows Elevation of Privilege Vulnerability

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8563
An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully forward an authentication request to a Windows LDAP server, such as a system running Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), which has been configured to require signing or sealing on incoming connections.

CVE-2017-8584 | HoloLens Remote Code Execution Vulnerability

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8584
A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Copyright ©2014-2016 Network Depot LLC.
