This document summarizes an upcoming webinar about the January 2017 Patch Tuesday updates. The webinar will provide an overview of the January Patch Tuesday bulletins, known issues, best practices for deploying updates, and industry news. The document then summarizes the key updates being released, including updates for Windows 10, Office, Adobe Flash Player, Acrobat, and security updates for other products. It concludes by listing resources for getting Shavlik content updates, attending future webinars, and watching previous webinar recordings.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
3. Best Practices
Privilege Management mitigates impact of many exploits.
High Threat Level vulnerabilities warrant fast rollout. 2 weeks or less is ideal to reduce exposure.
User Targeted – Whitelisting and Containerization mitigate
5. Industry News
What is our name? Sorry but you will have to wait a bit longer. The name will be revealed shortly.
LANDESK and HEAT are joining forces!
Remember this is the last Patch Tuesday that Microsoft will be using Security Bulletins. After January 10th, Microsoft will switch to using the Security Updates Guide.
For more info, see the FAQ here https://technet.microsoft.com/en-us/security/mt791750
Blog Post from Microsoft: https://blogs.technet.microsoft.com/msrc/2016/11/08/furthering-our-commitment-to-security-updates/
Don’t worry, 2017 will not be boring. We have a new president about to be sworn in and a “new friendly” relationship with Russia!
We have already invested in our architecture allowing us to deliver common content across multiple products. This allows us to gain efficiencies and increase innovation in the endpoint security space.
http://www.landesk.com/company/press-releases/2017/landesk-heat-software-clearlake-capital/
6. CSWU-045: Cumulative update for Windows 10: January, 2017
Maximum Severity: Critical
Affected Products: Windows 10, Edge
Description: This update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins and advisory: MS17-001, MS17-003
Impact: Remote Code Execution, Elevation of Privilege
Fixes 13 vulnerabilities:
CVE-2017-0002, CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937
Restart Required: Requires Restart
7. MS17-002: Security Update for Microsoft Office (3214291)
Maximum Severity: Critical
Affected Products: Office, Office Services and Office WebApps
Description: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Impact: Remote Code Execution
Fixes 1 vulnerability:
CVE-2017-0003
Restart Required: May Require Restart
8. MS17-003: Security Update for Adobe Flash Player (3214628)
Maximum Severity: Critical
Affected Products: Windows, Adobe Flash Player
Description: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
Impact: Remote Code Execution
Fixes 12 vulnerabilities:
CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937
Restart Required: Requires Restart
9. APSB17-01: Security Updates for Adobe Acrobat and Reader
Maximum Severity: Critical
Affected Products: Adobe Acrobat and Reader (Windows and Mac)
Description: This security update resolves a number of issues including use-after-free vulnerabilities that could lead to code execution, buffer overflow vulnerabilities and memory corruption issues.
Impact: Remote Code Execution
Fixes 29 vulnerabilities:
CVE-2017-2939, CVE-2017-2940, CVE-2017-2941, CVE-2017-2942, CVE-2017-2943, CVE-2017-2944, CVE-2017-2945, CVE-2017-2946, CVE-2017-2947, CVE-2017-2948, CVE-2017-2949, CVE-2017-2950, CVE-2017-2951, CVE-2017-2952, CVE-2017-2953, CVE-2017-2954, CVE-2017-2955, CVE-2017-2956, CVE-2017-2957, CVE-2017-2958, CVE-2017-2959, CVE-2017-2960, CVE-2017-2961, CVE-2017-2962, CVE-2017-2963, CVE-2017-2964, CVE-2017-2965, CVE-2017-2966, CVE-2017-2967
Restart Required: Requires Restart
10. APSB17-02: Adobe Flash Player
Maximum Severity: Critical
Affected Products: Adobe Flash Player (Windows, Macintosh, Linux and Chrome OS)
Description: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
Impact: Remote Code Execution
Fixes 13 vulnerabilities:
CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937, CVE-2017-2938
Restart Required: Requires Restart
11. SB17-001: January, 2017 Security Only Update (3216771)
Maximum Severity: Important
Affected Products: Windows
Description: This update is the Security Only Quality Update for Windows 7: MS17-004
Impact: Denial of Service
Fixes 1 vulnerability:
CVE-2017-0004
Restart Required: Requires Restart
12. CR17-001: January, 2017 Security Monthly Quality Update (3216771)
Maximum Severity: Important
Affected Products: Windows
Description: This update is the Security Only Quality Update for Windows 7: MS17-004
Impact: Denial of Service
Fixes 1 vulnerability:
CVE-2017-0004
Restart Required: Requires Restart
13. MS17-004: Security Update for Local Security Authority Subsystem Service (3216771)
Maximum Severity: Important
Affected Products: Windows Vista
Description: A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. MS17-004 addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
Impact: Denial of Service
Fixes 1 vulnerability:
CVE-2017-0004
Restart Required: Requires Restart
14. MS17-001: Security Update for Microsoft Edge (3214288)
Maximum Severity: Important
Affected Products: Edge
Description: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
Impact: Elevation of Privilege
Fixes 1 vulnerability:
CVE-2017-0002 (Publicly Disclosed)
Restart Required: Requires Restart
15. Between Patch Tuesdays
New Product Support: TortoiseHG, Adobe PhotoShop CC 2015, Nmap, TortoiseGit, Apple iCloud, Java Development Kit 8.0
Security Updates: Firefox (1), Skype (1), Opera (1), Adobe (3), SeaMonkey (1), Microsoft (5), Foxit Reader (1), Wireshark (1), Adobe PhotoShop CC 2015 (1), Thunderbird (1), Java Development Kit 8.0 (1), Apple iCloud (1), KeePass Pro (1)
Non-Security Updates: Adobe (1), Dropbox (1), GoodSync (2), Microsoft (36), TortoiseHG (1), TeamViewer (1), Xmind (1), CoreFTP (1), IRFanView (1), LibreOffice (1), Nmap (2), TortoiseGit (1), GoToMeeting (2), Java Development Kit 8.0 (1), NitroPro (1), TeamViewer (1), CDBurnerXP (1), Malwarebytes (1)
Security Tools:
Software Distribution:
17. Resources and Webinars
Get Shavlik Content Updates
Get Social with Shavlik
Sign up for next month's Patch Tuesday Webinar
Watch previous webinars and download presentation.
Windows 10 and Windows Server 2016 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. Please note that effective December 13, 2016, Windows 10 and Windows Server 2016 details for the Cumulative Updates will be documented in Release Notes. Please refer to the Release Notes for OS Build numbers, Known Issues, and affected file list information.
MS17-001 (CVE-2017-0002 for Edge) is publicly disclosed but not yet exploited.
12 of the 13 CVEs are for Flash
https://www.techpowerup.com/229501/windows-10-kb3213986-update-cripples-multi-monitor-gaming
"Users may experience delayed or clipped screens while running 3D rendering apps (such as games) on systems with more than one monitor," the change-log for the KB3213986 update reads. "To work around this issue please consider the following options: 1. Running the application in Windows mode (not full screen), or 2. Starting the application with only one monitor connected," it adds.
Shavlik Priority: Critical because of the Remote Code Execution impact (even though Microsoft has it listed as important)
CVE-2017-0003 – Deals with a memory corruption issue in Office.
Security Update for Microsoft Office (3214291): This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Shavlik Priority:
Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. The recommendation is to update within 2 weeks of release.
User targeted vulnerabilities
Security Update for Adobe Flash Player (3214628): This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
* See the slide for Adobe APSB17-02 for more details on the actual vulnerabilities
Shavlik Priority: Shavlik rates this bulletin as a Priority 1.
https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
CVE-2017-2962 – resolves a type confusion vulnerability that could lead to code execution
CVE-2017-2950, CVE-2017-2951, CVE-2017-2955, CVE-2017-2956, CVE-2017-2957, CVE-2017-2958, CVE-2017-2961
These updates resolve use-after-free vulnerabilities that could lead to code execution.
CVE-2017-2942, CVE-2017-2945, CVE-2017-2946, CVE-2017-2949, CVE-2017-2959, CVE-2017-2966
These updates resolve heap buffer overflow vulnerabilities that could lead to code execution.
CVE-2017-2948, CVE-2017-2952
These updates resolve buffer overflow vulnerabilities that could lead to code execution.
CVE-2017-2939, CVE-2017-2940, CVE-2017-2941, CVE-2017-2943, CVE-2017-2944, CVE-2017-2953, CVE-2017-2954, CVE-2017-2960, CVE-2017-2963, CVE-2017-2964, CVE-2017-2965, CVE-2017-2967
These updates resolve memory corruption vulnerabilities that could lead to code execution.
CVE-2017-2947
This update resolves a security bypass vulnerability.
Mozilla developers and community members Jan de Mooij, Iris Hsiao, Christian Holler, Carsten Book, Timothy Nikkel, Christoph Diehl, Olli Pettay, Raymond Forbes, and Boris Zbarsky reported memory safety bugs present in Firefox 50.0.2 and Firefox ESR 45.5.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Shavlik Priority: Shavlik rates this bulletin as a Priority 1.
Vulnerability Details
These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2017-2938).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937).
These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931).
Shavlik Priority:
Shavlik rates this bulletin as Important. However, since this is publicly disclosed, it is still recommended that this patch be applied sooner rather than later.
The Security Only Update is marked as Patch Type Security. This update only includes one update and is not cumulative.
CVE-2017-0004 (Publicly Disclosed) but not yet exploited
Security Update for Local Security Authority Subsystem Service (3216771): A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
Shavlik Priority:
Shavlik rates this bulletin as Important. However, since this is publicly disclosed, it is still recommended that this patch be applied sooner rather than later.
The Security Quality Update is marked as Patch Type Non-Security. It includes both security and non-security updates.
CVE-2017-0004 (Publicly Disclosed) but not yet exploited
Security Update for Local Security Authority Subsystem Service (3216771): A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
Shavlik Priority:
Shavlik rates this bulletin as Important. However, since this is publicly disclosed, it is still recommended that this patch be applied sooner rather than later.
This bulletin is applicable to Windows Vista.
CVE-2017-0004 (Publicly Disclosed) but not yet exploited
Security Update for Local Security Authority Subsystem Service (3216771): A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
Shavlik Priority:
Shavlik rates this bulletin as Important. However, since this is publicly disclosed, it is still recommended that this patch be applied sooner rather than later.
Security Update for Microsoft Edge (3214288): This security update resolves a vulnerability in Microsoft Edge. This vulnerability could allow elevation of privilege if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerability could elevate privileges in affected versions of Microsoft Edge.
The update addresses the vulnerability by assigning a unique origin to top-level windows that navigate to Data URLs.
Sign up for Content Announcements:
Email http://www.shavlik.com/support/xmlsubscribe/
RSS http://protect7.shavlik.com/feed/
Twitter @ShavlikXML
Follow us on:
Shavlik on LinkedIn
Twitter @ShavlikProtect
Shavlik blog -> www.shavlik.com/blog
Chris Goettl on LinkedIn
Twitter @ChrisGoettl
Sign up for webinars or download presentations and watch playbacks:
http://www.shavlik.com/webinars/