18 Security Bulletins were released – 10 Critical, 8 Important, and 0 Moderate

This Month In Brief

We have not uncovered any widespread problems with any of these patches and are releasing all of them. Dynamics CRM 2011 users see “Heads Up” below.

MS17-006 through MS17-013 and MS17-023 are rated Critical. MS17-013 and MS17-012 patch zero day vulnerabilities

No out-of-band security updates were released during the last month.

Heads Up! Dynamics CRM 2011 user will have problems after installing cumulative/rollup for Windows 7, 8 and 10

At this time the only workarounds are to use a different browser, drop CRM 2011 back to IE7 compatibility mode, or roll back the bad patches.

Unfortunately we can’t deny the entire cumulative/rollup on all Windows 7, 8 and 10 machines for a problem that will affect a limited number of systems.

For those affected you can set the update to Ignore until such time Microsoft fixes the update or has a better workaround. Go to Patch Management> Patch Update and find the KB you want to ignore. Click on “Machines” to the left of the KB. Select the machines for which you would like the KB ignored and click “Set Ignore” at the top. You can Suspend all patching to give yourself more time to set the Ignore (Automatic Update> Suspend)

Win10 March cumulative update KB 4013429 breaks display of forms in MS Dynamics CRM 2011
https://community.dynamics.com/crm/f/117/t/230126

Windows Security Update KB4012215 – Breaking Microsoft Dynamics CRM 2011
https://social.technet.microsoft.com/Forums/en-US/5a08d82c-351d-482e-9809-721e467c4df1/windows-secuirty-update-kb4012215-breaking-microsoft-dynamics-crm-2011?forum=w7itprosecurity

– If you find a reliable workaround please open a ticket by emailing help@virtualadministrator.com and we will try to create an agent procedure to push it out.

Notable News: Microsoft is replacing security bulletins with a Security Update Guide providing a single online database

Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance

Furthering our commitment to security updates
https://blogs.technet.microsoft.com/msrc/2016/11/08/furthering-our-commitment-to-security-updates/

“Instead of publishing bulletins to describe related vulnerabilities, the new portal lets our customers view and search security vulnerability information in a single online database.”

Monthly Rollup/Security Only/Windows 10/Server 2016 KBs

March 2017 Security Monthly Quality Rollup
KB4012215 – Windows 7, Windows Server 2008 R2
KB4012216 – Windows 8.1, Windows Server 2012 R2
KB4012217 – Windows Server 2012

March 2017 Security Only Quality Update
KB4012212 – Windows 7, Windows Server 2008 R2
KB4012213 – Windows 8.1, Windows Server 2012 R2
KB4012214 – Windows Server 2012

March 2017 Security and Quality Rollup for .NET Framework
March 2017 Security Only Update for .NET Framework
The KB numbers for .Net are different for each version and in some cases each OS installed.

Cumulative update for Windows 10 and Server 2016
KB4012606 – Original release
KB4013198 – Version 1511
KB4013429 – Version 1607 (Anniversary Update)
KB4013429 – Server 2016
Note: Server 2016 uses the same KB as Windows 10 Version 1607

Exploitability

  • Publically disclosed: MS17-006 – MS17-013 and MS17-023
  • Being exploited: MS17-006, MS17-013, MS17-022
  • Rated CRITICAL: MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-023, MS17-014
  • (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)

Requires Restart

  • Servers:True
  • Workstations:True

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS17-006 Cumulative Security Update for Internet Explorer (4013073) (Internet Explorer) The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
Affected Software: Internet Explorer 9-11
Known Issues per MS:
MS17-007 Cumulative Security Update for Microsoft Edge (4013071) (Microsoft Edge) These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
Details
Affected Software: Edge
Known Issues per MS:
MS17-008 Security Update for Windows Hyper-V (4013082) (Microsoft Windows) The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016
Known Issues per MS:
MS17-009 Security Update for Microsoft Windows PDF Library (4010319) (Microsoft Windows) The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.
Details
Affected Software: Windows 8.1/10, Server 2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-010 Security Update for Microsoft Windows SMB Server (4013389) (Microsoft Windows) The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-011 Security Update for Microsoft Graphics Component (4013075) (Microsoft Windows) The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-012 Security Update for Microsoft Windows (4013078) (Microsoft Windows) The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-013 Security Update for Microsoft Graphics Component (4013075) (Microsoft Office, Skype, Lync, Silverlight) The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-023 Security Update for Adobe Flash Player (4014329) (Adobe Flash Player) his security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
Details
Affected Software: Windows 8.1/10, Server 2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-014 Security Update for Microsoft Office (4013241) (Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Details
Affected Software: Office 2007/2010/2013/2016, Office 2011/2016 for MAC, Office Web Apps 2010/2013, SharePoint Server 2010/2013
Known Issues per MS:

IMPORTANT

MS17-015 Security Update for Microsoft Exchange Server (4013242) (Microsoft Exchange) The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.
Details
Affected Software: Exchange 2013/2016
Known Issues per MS:
MS17-016 Security Update for Windows IIS (4013074) (Microsoft Windows) The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-017 Security Update for Windows Kernel (4013081) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-018 Security Update for Windows Kernel-Mode Drivers (4013083) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-019 Security Update for Active Directory Federation Services (4010320) (Microsoft Windows) The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.
Details
Affected Software: Server 2008/2008R2/2012/2012R2/2016
Known Issues per MS:
MS17-020 Security Update for Windows DVD Maker (3208223) (Microsoft Windows) The vulnerability could allow an attacker to obtain information to further compromise a target system.
Details
Affected Software: Vista, Windows 7
Known Issues per MS:
MS17-021 Security Update for Windows DirectShow (4010318) (Microsoft Windows) The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:
MS17-022 Security Update for Microsoft XML Core Services (4010321) (Microsoft Windows) The vulnerability could allow information disclosure if a user visits a malicious website.
Details
Affected Software: Vista, Windows 7/8.1/10, Server 2008/2008R2/2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:

MODERATE