This month Microsoft released patches for 54 vulnerabilities with 19 of them rated Critical, 32 rated Important and 3 rated Moderate.
The most concerning vulnerability this month is CVE-2017-8589. This is a bug in the Windows Search Service which be exploited remotely via the SMB file-sharing service in Windows. It is included in the monthly rollups.
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
Affected software include:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- .NET Framework
- Adobe Flash Player
- Microsoft Exchange Server
Security Update Guide
Microsoft Security Advisory 4033453 (Published: June 27, 2017)
Vulnerability in Azure AD Connect Could Allow Elevation of Privilege
Verify if your organization is affected
This issue only affects customers who have enabled the Password writeback feature on Azure AD Connect.
Important note for CVE-2017-8563: After installing the updates for CVE-2017-8563, to make LDAP authentication over SSL/TLS more secure, administrators need to create a LdapEnforceChannelBinding registry setting on a Domain Controller. For more information about setting this registry key. See Notable Patches below
“Use the LdapEnforceChannelBinding registry entry to make LDAP authentication over SSL/TLS more secure”
Comodo Internet Security Suite – older versions block Windows 10 (Version 1703) KB4025342
If you have not installed the latest version of Comodo Internet Security Suite, you will not have this Windows Update offered to your device automatically.
Comodo is aware of incompatibility issues with earlier versions of the Comodo Internet Security Suite. For additional information, please see here or contact Comodo.
A blank page or “404” error prints when you try to print a frame in Internet Explorer versions 9 through 11
Microsoft released KB4032782 to fix this on June 23. KB4032782 introduced a new problem where Internet Explorer 11 may close unexpectedly when you visit some websites. July’s cumulative update for Internet Explorer states “Addressed issue introduced by KB4032782 where Internet Explorer may close unexpectedly when you visit some websites.” but the link above still shows “Microsoft is researching this problem and will update this article when more information becomes available.”
Outlook known issues in the June 2017 security updates
Microsoft released patches for Issues #1, #2 and #3 over the past could of weeks. Apparently none of them work. Microsoft removed the “FIXED” status without explanation and pulled the patches. The #3 fix is only for Office 365 customers on Current channel. We will update this blog as fixes become available. Until such time you will need to manually apply the workarounds.
Issues #5 and #7 fixes are included in this month’s cumulative update/rollup
Monthly Rollup/Security Only/Windows 10/Server 2016 KBs
July 2017 security monthly quality rollup
- KB4025341 – Windows 7, Windows Server 2008 R2
- KB4025336 – Windows 8.1, Windows Server 2012 R2
- KB4025331 – Windows Server 2012
July 2017 security only quality update
- KB4025337 – Windows 7, Windows Server 2008 R2
- KB4025333 – Windows 8.1, Windows Server 2012 R2
- KB4025343 – Windows Server 2012
July, 2017 Security and Quality Rollup for .NET Framework is not a separate patch but is included in the cumulative update for Windows 10/2016
Cumulative update for Windows 10
- KB4025338 – Original release version 1507 (OS Build 10240)
- KB4025344 – Version 1511 (OS Build 10586)
- KB4025339 – Version 1607 “Anniversary Update” (OS Build 14393)
- KB4025342 – Version 1703 “Creators Update” (OS Build 15063)
Note: Server 2016 uses the same KB as Windows 10 Version 1607
Cumulative Security Update for Internet Explorer 9/10/11
KB4025252 – This cumulative update is included in the monthly updates listed above. It can be installed instead of the monthly to secure Internet Explorer otherwise it is “superseded” by the monthly update.
CVE-2017-8589 | Windows Search Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE-2017-8585 | .NET Denial of Service Vulnerability
Affect Windows 10 and Windows Server 2016
A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application.
CVE-2017-8563 | Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully forward an authentication request to a Windows LDAP server, such as a system running Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), which has been configured to require signing or sealing on incoming connections.
CVE-2017-8584 | HoloLens Remote Code Execution Vulnerability
A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.