edit-icon download-icon

[Vulnerability notice] Microsoft Patch Tuesday – December 2017

Last Updated: Mar 12, 2018

On December 12, 2017 (EST), Microsoft released the monthly security bulletin for December.

This security bulletin states that Microsoft has fixed 34 vulnerabilities, with 21 of them rated critical and the other 13 rated important. These vulnerabilities affect Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint, and Exchange.

In addition to patches against the 34 vulnerabilities, Microsoft also released a Microsoft Office update that disables the Dynamic Data Exchange (DDE) protocol to improve security. This update is applicable to all the supported Office versions and is described in ADV170021. If you cannot install this update, we recommend that you ask for solutions that can reduce DDE development attempts.

In this security bulletin, Microsoft also releases two fix programs (CVE-2017-11937 and CVE-2017-11940) to fix the remote code execution vulnerability - Microsoft Malware Protection Engine (MPE) discovered by UK’s National Cyber Security Centre (NCSC) a week before.

Affected products

The following Microsoft products are affected:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft Exchange Server
  • ChakraCore
  • Microsoft Malware Protection Engine

Vulnerabilities rated critical

  • CVE-2017-11886 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11888 - Microsoft Edge Memory Corruption Vulnerability
  • CVE-2017-11889 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11890 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11893 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11894 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11895 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11901 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11903 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11905 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11907 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11908 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11909 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11910 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11911 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11912 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11914 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11918 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11930 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11937 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability
  • CVE-2017-11940 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability

Vulnerabilities rated important

  • CVE-2017-11885 - Windows RRAS Service Remote Code Execution Vulnerability
  • CVE-2017-11887 - Scripting Engine Information Disclosure Vulnerability
  • CVE-2017-11899 - Microsoft Windows Security Feature Bypass Vulnerability
  • CVE-2017-11906 - Scripting Engine Information Disclosure Vulnerability
  • CVE-2017-11913 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11916 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2017-11919 - Scripting Engine Information Disclosure Vulnerability
  • CVE-2017-11927 - Microsoft Windows Information Disclosure Vulnerability
  • CVE-2017-11932 - Microsoft Exchange Spoofing Vulnerability
  • CVE-2017-11934 - Microsoft PowerPoint Information Disclosure Vulnerability
  • CVE-2017-11935 - Microsoft Excel Remote Code Execution Vulnerability
  • CVE-2017-11936 - Microsoft SharePoint Elevation of Privilege Vulnerability
  • CVE-2017-11939 - Microsoft Office Information Disclosure Vulnerability

How to fix

Alibaba Cloud Security team recommends that you pay attention to these vulnerabilities and install patches suitable for your business to improve server security.

We recommend that you enable Windows Update, click Check for updates, and then download and install patches related to your business. After installing patches, restart the server and check the system running status.

Note: Before installing updates, test the updates and create data backups and snapshots to prevent data loss in case of exceptions during update installation.

Reference

[1]. https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/c383fa60-b852-e711-80dd-000d3a32f9b6
[2]. http://blog.talosintelligence.com/2017/12/ms-tuesday.html

Thank you! We've received your feedback.