Patch Tuesday Webinar
Wednesday, May 10th, 2017
Chris Goettl
Todd Schell
Dial In: 1-877-668-4490 (US)
Attendees: 804 134 053
Agenda
1. May 2017 Patch Tuesday Overview
2. In the News
3. Bulletins
4. Q & A
 In the News
Intel vPro Vulnerability
An oldie but goodie
 Allows remote access with AMT enabled
 AMT disabled limits access to local system
Ivanti solution
 Deploy our configuration management package
 Disables AMT
No word yet from OEMs on a fix
From our Friends at Microsoft
A vulnerable malware protection engine?
 MS MRT allows code execution upon special file scan
 Researcher refers to vulnerability as ‘crazy bad’
 MS releasing a fix; should update within 48 hours
Processor limitations coming for Windows 10
 Kaby Lake processors will cause WU to block updates on OSs older than Win 10
 Future updates will not support older processors
 Installation restrictions in the update engine itself
Phishing for Google Docs
Phishing is alive and well this month
 Google Docs phishing scam
 Email with a request to share some documents
 Limited defense against this sort of attack
 Enable two-factor authentication on your account
 Education is the key
 Bulletins
MS17-05-AFP: Security Update for Adobe Flash Player
 Maximum Severity: Critical
 Affected Products: Adobe Flash Player
 Description: This security update resolves vulnerabilities in Adobe Flash Player if it's
installed on any supported edition of Windows Server 2016, Windows Server 2012 R2,
Windows Server 2012, Windows 10, Windows 10 Version 1511, Windows 10 Version
1607, Windows 8.1, or Windows RT 8.1. This bulletin refers to a single KB article.
 Impact: Remote Code Execution
 Fixes 7 vulnerabilities: CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071,
CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
 Restart Required: Requires Application Restart
MS17-05-IE: Security Updates for Internet Explorer
 Maximum Severity: Critical
 Affected Products: Microsoft Internet Explorer 9, 10 and 11
 Description: This security update resolves several reported vulnerabilities in Internet
Explorer. The most severe of these vulnerabilities could allow remote code execution if
a user views a specially crafted webpage in Internet Explorer. The security fixes that
are listed in the Security Monthly Quality Rollup KB4019215 are also included in the
May 2017 Security-Only Quality Update, KB4019213, except for the security fixes for
Internet Explorer. Those are instead included in the Cumulative Security Update for
Internet Explorer KB4018271. This bulletin references 7 KB articles.
 Impact: Remote Code Execution
 Fixes 6 vulnerabilities: CVE-2017-0064, CVE-2017-0222, CVE-2017-0226, CVE-2017-0228,
CVE-2017-0231, CVE-2017-0238
 Restart Required: Requires Browser Restart
MS17-05-OFF: Security Updates for Microsoft Office
 Maximum Severity: Critical
 Affected Products: Microsoft Office 2007-2016 for Windows and Mac
 Description: This security update resolves vulnerabilities in Microsoft Office that could
allow remote code execution if a user opens a specially crafted Office file. This bulletin
references 25 KB articles.
 Impact: Remote Code Execution
 Fixes 7 vulnerabilities: CVE-2017-0254, CVE-2017-0261, CVE-2017-0262, CVE-2017-0264,
CVE-2017-0265, CVE-2017-0281, CVE-2017-0290
 Restart Required: Requires Restart
MS17-05-W10: Windows 10 Update
 Maximum Severity: Critical
 Affected Products: Microsoft Windows 10 1507, 1511, 1607, and 1703, Server 2016,
Microsoft Edge, and IE
 Description: This bulletin references 11 KB articles.
 Impact: Full range of impacts including Remote Code Execution
 Fixes 42 vulnerabilities: CVE-2017-0064, CVE-2017-0077, CVE-2017-0171, CVE-2017-0190,
CVE-2017-0212, CVE-2017-0213, CVE-2017-0214, CVE-2017-0221, CVE-2017-0222, CVE-2017-0224,
CVE-2017-0226, CVE-2017-0227, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0231,
CVE-2017-0233, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, CVE-2017-0238, CVE-2017-0240,
CVE-2017-0241, CVE-2017-0246, CVE-2017-0258, CVE-2017-0259, CVE-2017-0263, CVE-2017-0266,
CVE-2017-0267, CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272,
CVE-2017-0273, CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278,
CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-2K8: Windows Server 2008
 Maximum Severity: Critical
 Affected Products: Microsoft Windows Server 2008
 Description: A denial of service vulnerability exists in Windows DNS Server if the
server is configured to answer version queries. Several vulnerabilities lead to
information disclosure or remote code execution. This bulletin references 9 KB articles.
 Impact: Remote Code Execution, Elevation of Privilege, Denial of Service, Information
Disclosure
 Fixes 27 vulnerabilities: CVE-2017-0077, CVE-2017-0171, CVE-2017-0175, CVE-2017-0190,
CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0242, CVE-2017-0244, CVE-2017-0245,
CVE-2017-0246, CVE-2017-0258, CVE-2017-0263, CVE-2017-0267, CVE-2017-0268, CVE-2017-0269,
CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273, CVE-2017-0274, CVE-2017-0275,
CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-SO7: Security-only Update for Win 7 and Server 2008 R2
 Maximum Severity: Critical
 Affected Products: Microsoft Windows 7 and Server 2008 R2
 Description: Security updates to Microsoft Graphics Component, Windows COM,
Microsoft ActiveX, Windows Server, Windows kernel, and Microsoft Windows DNS.
This bulletin is based on KB4019263.
 Impact: Remote Code Execution
 Fixes 27 vulnerabilities: CVE-2017-0077, CVE-2017-0171, CVE-2017-0175, CVE-2017-0190,
CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0242, CVE-2017-0244, CVE-2017-0245,
CVE-2017-0246, CVE-2017-0258, CVE-2017-0263, CVE-2017-0267, CVE-2017-0268, CVE-2017-0269,
CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273, CVE-2017-0274, CVE-2017-0275,
CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-SO8: Security-only Update Server 2012
 Maximum Severity: Critical
 Affected Products: Microsoft Server 2012
 Description: Security updates to Microsoft Graphics Component, Windows COM,
Windows Server, Windows Kernel and Microsoft Windows DNS. Does not include
security fixes for Internet Explorer. This bulletin is based on KB4019214.
 Impact: Remote Code Execution
 Fixes 24 vulnerabilities: CVE-2017-0077, CVE-2017-0171, CVE-2017-0190, CVE-2017-0213,
CVE-2017-0214, CVE-2017-0220, CVE-2017-0245, CVE-2017-0246, CVE-2017-0258, CVE-2017-0263,
CVE-2017-0267, CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272,
CVE-2017-0273, CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278,
CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-SO81: Security-only Update for Win 8.1 and Server 2012 R2
 Maximum Severity: Critical
 Affected Products: Microsoft Windows 8.1 and Server 2012 R2
 Description: Security updates to Microsoft Graphics Component, Microsoft Windows
DNS, Windows COM, Windows Server and Windows kernel. This bulletin is based on
KB4019213.
 Impact: Remote Code Execution
 Fixes 23 vulnerabilities: CVE-2017-0077, CVE-2017-0171, CVE-2017-0190, CVE-2017-0213,
CVE-2017-0214, CVE-2017-0246, CVE-2017-0258, CVE-2017-025, CVE-2017-0263, CVE-2017-0267,
CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273,
CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279,
CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-MR7: Monthly Rollup for Win 7 and Server 2008 R2
 Maximum Severity: Critical
 Affected Products: Microsoft Windows 7, Server 2008 R2, and IE
 Description: This security update includes improvements and fixes that were a part of
update KB4015552 (released April 18, 2017). This bulletin includes updates for IE.
This bulletin is based on KB4019264.
 Impact: Remote Code Execution
 Fixes 33 vulnerabilities: CVE-2017-0064, CVE-2017-0077, CVE-2017-0171, CVE-2017-0175,
CVE-2017-0190, CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0222, CVE-2017-0226,
CVE-2017-0228, CVE-2017-0231, CVE-2017-0238, CVE-2017-0242, CVE-2017-0244, CVE-2017-0245,
CVE-2017-0246, CVE-2017-0258, CVE-2017-0263, CVE-2017-0267, CVE-2017-0268, CVE-2017-0269,
CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273, CVE-2017-0274, CVE-2017-0275,
CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-MR8: Monthly Rollup for Server 2012
 Maximum Severity: Critical
 Affected Products: Microsoft Server 2012
 Description: This security update includes improvements and fixes that were a part of
update KB4015554 (released April 18, 2017). This bulletin includes updates for IE. This
bulletin is based on KB4019216.
 Impact: Remote Code Execution
 Fixes 30 vulnerabilities: CVE-2017-0064, CVE-2017-0077, CVE-2017-0171, CVE-2017-0190,
CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0222, CVE-2017-0226, CVE-2017-0228,
CVE-2017-0231, CVE-2017-0238, CVE-2017-0245, CVE-2017-0246, CVE-2017-0258, CVE-2017-0263,
CVE-2017-0267, CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272,
CVE-2017-0273, CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278,
CVE-2017-0279, CVE-2017-0280
 Restart Required: Requires Restart
MS17-05-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2
 Maximum Severity: Critical
 Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE
 Description: This security update includes improvements and fixes that were a part of
update KB4015553 (released April 18, 2017). This bulletin includes updates for IE.
This bulletin is based on KB4019215.
 Impact: Remote Code Execution
 Fixes 29 vulnerabilities: CVE-2017-0064, CVE-2017-0077, CVE-2017-0171, CVE-2017-0190,
CVE-2017-0213, CVE-2017-0214, CVE-2017-0222, CVE-2017-0226, CVE-2017-0228, CVE-2017-0231,
CVE-2017-0238, CVE-2017-0246, CVE-2017-0258, CVE-2017-025, CVE-2017-0263, CVE-2017-0267,
CVE-2017-0268, CVE-2017-0269, CVE-2017-0270, CVE-2017-0271, CVE-2017-0272, CVE-2017-0273,
CVE-2017-0274, CVE-2017-0275, CVE-2017-0276, CVE-2017-0277, CVE-2017-0278, CVE-2017-0279,
CVE-2017-0280
 Restart Required: Requires Restart
APSB17-15: Security Update for Adobe Flash Player
 Maximum Severity: Critical
 Affected Products: Adobe Flash Player
 Description: Adobe has released security updates for Adobe Flash Player for
Windows, Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities that could potentially allow an attacker to take control of the affected
system.
 Impact: Remote Code Execution
 Fixes 7 vulnerabilities: CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071,
CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
 Restart Required: Application Restart Required
MS17-05-SONET: Security-only Update for Microsoft .Net
 Maximum Severity: Important
 Affected Products: Microsoft Windows .Net Framework 2.0 through 4.7
 Sub-bulletins: MS17-05-SONET-4019108, 4019109, 4019110, 4019111
 These are four separate bulletins for the four operating systems
 Description: This update resolves a vulnerability where the Microsoft .NET
Framework (and .NET Core) components do not completely validate certificates
resulting in a security feature bypass.
 Impact: Security Feature Bypass
 Fixes 1 vulnerability: CVE-2017-0248
 Restart Required: Requires Restart
MS17-05-SONET: Monthly Rollup for Microsoft .Net
 Maximum Severity: Important
 Affected Products: Microsoft Windows .Net Framework 2.0 through 4.7
 Sub-bulletins: MS17-05-MRNET-4019112, 4019113, 4019114, 4019115
 These are four separate bulletins for the four operating systems
 Description: This update resolves a vulnerability where the Microsoft .NET
Framework (and .NET Core) components do not completely validate certificates
resulting in a security feature bypass.
 Impact: Security Feature Bypass
 Fixes 1 vulnerability: CVE-2017-0248
 Restart Required: Requires Restart
Other Releases
 PDF-Xchange
 Bulletin: PDFX-008
 Release 6.0.322.0
 Feature and maintenance update (non-security)
 Google Chrome
 Bulletin: Chrome-195
 Release 58.0.3029.110
 Windows, MacOS, Linux
 Stability, performance, and security
Thank You

May 2017 Patch Tuesday Ivanti


Editor's Notes

  • #5 Unanswered questions: When will OEMs release driver updates? How far back will the driver updates go? If they don’t go far enough back you will need to supplement with additional mitigation steps for systems not covered.
  • #6 Why is no action required to install this update?
    In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Microsoft Malware Protection Engine. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner. For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating. Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Microsoft Malware Protection Engine updates and malware definitions, is working as expected in their environment.
    Verify that the update is installed
    Customers should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed for their Microsoft antimalware products. For more information on how to verify the version number for the Microsoft Malware Protection Engine that your software is currently using, see the section, "Verifying Update Installation", in Microsoft Knowledge Base Article 2510781.
    For affected software, verify that the Microsoft Malware Protection Engine version is 1.1.10701.0 or later.
  • #11 CVE-2017-0064 was publicly disclosed and CVE-2017-0222 is known to be exploited. A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
  • #12 This update contains a fix for CVE-2017-0261 which is known to be exploited. This vulnerability is exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could exploit the vulnerability by constructing a specially crafted EPS file that could allow remote code execution.
  • #13 This bulletin includes all 3 publicly disclosed and all 2 exploited vulnerabilities. All except the Office vulnerability.
  • #14 This update contains a fix for CVE-2017-0263 which is known to be exploited. This vulnerability exists in Win32k systems and allows a memory exploit to gain additional privileges.
  • #15 Known issue with this update - If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates.
  • #18 Known issue - If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates.
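
The verification step in note #6 (engine version 1.1.10701.0 or later) can be scripted across a fleet. The following is an added example, not part of the original deck and not Microsoft or Ivanti code; it assumes the targets run Windows Defender with the Defender PowerShell module (`Get-MpComputerStatus`) and accept CIM/WinRM connections, and the host names in the usage comment are hypothetical.

```powershell
# Added example: report hosts whose Microsoft Malware Protection Engine is
# older than the 1.1.10701.0 floor quoted in note #6.
# Assumption: Defender PowerShell module present; remote hosts allow WinRM.

$MinimumEngine = [version]'1.1.10701.0'

function Test-EngineVersion {
    # Pure comparison, usable on version strings from any inventory source.
    # Compares as [version], not as text: a string compare would rank
    # '1.1.9901.0' above '1.1.10701.0' and hide a vulnerable host.
    param(
        [string]$EngineVersion,
        [version]$Minimum = $MinimumEngine
    )
    $parsed = $null
    if (-not [version]::TryParse($EngineVersion, [ref]$parsed)) {
        return 'Unknown'      # empty or malformed value: treat as unverified
    }
    if ($parsed -ge $Minimum) { 'Patched' } else { 'Vulnerable' }
}

function Get-EngineStatus {
    # Queries each host and returns one result object per host.
    param([string[]]$ComputerName = @($env:COMPUTERNAME))

    foreach ($name in $ComputerName) {
        $session = $null
        try {
            # A local query needs no WinRM listener; remote ones do.
            if ($name -eq $env:COMPUTERNAME) {
                $session = New-CimSession -ErrorAction Stop
            } else {
                $session = New-CimSession -ComputerName $name -ErrorAction Stop
            }
            $status = Get-MpComputerStatus -CimSession $session -ErrorAction Stop
            [pscustomobject]@{
                ComputerName    = $name
                EngineVersion   = $status.AMEngineVersion
                SignatureAgeDay = $status.AntivirusSignatureAge
                Result          = Test-EngineVersion -EngineVersion $status.AMEngineVersion
            }
        }
        catch {
            # An unreachable host is reported, not silently skipped: an
            # endpoint that cannot be queried has not been verified.
            [pscustomobject]@{
                ComputerName    = $name
                EngineVersion   = $null
                SignatureAgeDay = $null
                Result          = "Unverified: $($_.Exception.Message)"
            }
        }
        finally {
            if ($session) { Remove-CimSession -CimSession $session }
        }
    }
}

# Constructed version strings exercising the comparison (not real inventory data).
'1.1.10701.0', '1.1.13704.0', '1.1.9901.0', '' | ForEach-Object {
    '{0,-14} -> {1}' -f $_, (Test-EngineVersion -EngineVersion $_)
}

# Usage (hypothetical host names):
#   Get-EngineStatus -ComputerName 'ws-001', 'ws-002' |
#       Where-Object Result -ne 'Patched'
```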