edit-icon download-icon

[Vulnerability notice] Microsoft Patch Tuesday – October 2017

Last Updated: Mar 12, 2018

On October 10, 2017, Microsoft released the monthly security advisory for October, disclosing the identified and addressed vulnerabilities in Microsoft products.

The security advisory addresses 63 new vulnerabilities, with 28 of them rated critical and 35 rated important. These vulnerabilities affect graphing functions, Edge, Internet Explorer, Office, SharePoint, Windows graphical interface, Windows kernel-mode driver, and so on.

Two of the vulnerabilities have greater impact on servers, namely, Windows DNSAPI remote code execution vulnerability (CVE-2017-11779) and Windows SMB Remote code execution vulnerability (CVE-2017-11780). When exploiting these vulnerabilities successfully, attackers can remotely control your server.

See the following for more information about the vulnerability.


Affected products

The following Microsoft products are affected:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Skype for Business and Lync
  • Chakra Core

Vulnerabilities rated critical

The following vulnerabilities are rated “Critical” by Microsoft:

  • CVE-2017-11813 - Internet Explorer Memory Corruption Vulnerability
  • CVE-2017-11822 - Internet Explorer Memory Corruption Vulnerability
  • CVE-2017-11762 - Microsoft Graphics Remote Code Execution Vulnerability
  • CVE-2017-11763 - Microsoft Graphics Remote Code Execution Vulnerability
  • CVE-2017-11797 - Scripting Engine Information Disclosure Vulnerability
  • CVE-2017-11767 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11792 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11793 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11796 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11798 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11799 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11800 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11801 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11802 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11804 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11805 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11806 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11807 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11808 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11809 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11810 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11811 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11812 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11821 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11779 - Windows DNSAPI Remote Code Execution Vulnerability
  • CVE-2017-11771 - Windows Search Remote Code Execution Vulnerability
  • CVE-2017-8727 - Windows Shell Memory Corruption Vulnerability
  • CVE-2017-11819 - Windows Shell Remote Code Execution Vulnerability

Vulnerabilities rated important

The following vulnerabilities are rated “Important” by Microsoft:

  • CVE-2017-11790 - Internet Explorer Information Disclosure Vulnerability
  • CVE-2017-11794 - Microsoft Edge Information Disclosure Vulnerability
  • CVE-2017-8726 - Microsoft Edge Memory Corruption Vulnerability
  • CVE-2017-8693 - Microsoft Graphics Information Disclosure Vulnerability
  • CVE-2017-8717 - Microsoft JET Database Engine Remote Code Execution Vulnerability
  • CVE-2017-8718 - Microsoft JET Database Engine Remote Code Execution Vulnerability
  • CVE-2017-11826 - Microsoft Office Memory Corruption Vulnerability
  • CVE-2017-11825 - Microsoft Office Remote Code Execution Vulnerability
  • CVE-2017-11775 - Microsoft Office SharePoint XSS Vulnerability
  • CVE-2017-11777 - Microsoft Office SharePoint XSS Vulnerability
  • CVE-2017-11820 - Microsoft Office SharePoint XSS Vulnerability
  • CVE-2017-11776 - Microsoft Outlook Information Disclosure Vulnerability
  • CVE-2017-11774 - Microsoft Outlook Security Feature Bypass Vulnerability
  • CVE-2017-11772 - Microsoft Search Information Disclosure Vulnerability
  • CVE-2017-11823 - Microsoft Windows Security Feature Bypass
  • CVE-2017-11786 - Skype for Business Elevation of Privilege Vulnerability
  • CVE-2017-11769 - TRIE Remote Code Execution Vulnerability
  • CVE-2017-8689 - Win32k Elevation of Privilege Vulnerability
  • CVE-2017-8694 - Win32k Elevation of Privilege Vulnerability
  • CVE-2017-11783 - Windows Elevation of Privilege Vulnerability
  • CVE-2017-11816 - Windows GDI Information Disclosure Vulnerability
  • CVE-2017-11824 - Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2017-11817 - Windows Information Disclosure Vulnerability
  • CVE-2017-11765 - Windows Kernel Information Disclosure Vulnerability
  • CVE-2017-11784 - Windows Kernel Information Disclosure Vulnerability
  • CVE-2017-11785 - Windows Kernel Information Disclosure Vulnerability
  • CVE-2017-11814 - Windows Kernel Information Disclosure Vulnerability
  • CVE-2017-8715 - Windows Security Feature Bypass Vulnerability
  • CVE-2017-11781 - Windows SMB Denial of Service Vulnerability
  • CVE-2017-11782 - Windows SMB Elevation of Privilege Vulnerability
  • CVE-2017-11815 - Windows SMB Information Disclosure Vulnerability
  • CVE-2017-11780 - Windows SMB Remote Code Execution Vulnerability
  • CVE-2017-11818 - Windows Storage Security Feature Bypass Vulnerability
  • CVE-2017-8703 - Windows Subsystem for Linux Denial of Service Vulnerability
  • CVE-2017-11829 - Windows Update Delivery Optimization Elevation of Privilege Vulnerability

How to fix

Alibaba Cloud Security team recommends that you pay attention to these vulnerabilities and install patches suitable for your business to improve server security.

We recommend that you enable Windows Update, click Check for updates, and then download and install patches related to your business. After installing patches, restart the server and check the system running status.

Note: Before installing updates, test the updates and create data backups and snapshots to prevent data loss in case of exceptions during update installation.

Reference

[1]. https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/313ae481-3088-e711-80e2-000d3a32fc99
[2]. http://blog.talosintelligence.com/2017/10/ms-tuesday.html

Thank you! We've received your feedback.