Blog LBMC

Print Divider Print Divider Branding
 

Vulnerability Information Update: June 2017

06/19/2017  |  By: Jessica Mantz

Share

Social Logo Social Logo Social Logo Social Logo

Microsoft Addresses 90+ Vulnerabilities and Extends Support to Older Platforms

In this month's Patch Tuesday, Microsoft announced that they have provided critical security updates to end-of-life platforms, including Windows XP.  The patches address vulnerabilities that are “at heightened risk of exploitation due to past nation-state activity and disclosures” and are recommended to be applied as soon as possible. The patches address three leaked NSA exploits that could allow remote code execution. The first is ExplodingCan (CVE-2017-7269) which targets older versions of Internet Information Services (IIS) server version 6.0 and could allow an attacker to execute code remotely on Windows 2003 servers.

The remaining two are EsteemAudit (CVE-2017-0176), a vulnerability in RDP, and EnglishmanDentist (CVE-2017-8487), a flaw in Object Linking and Embedding (OLE). Overall, Microsoft addressed 97 vulnerabilities this month -19 of them critical vulnerabilities that could allow remote code execution.  Two vulnerabilities are currently attacked in the wild: CVE-2017-8464 and CVE-2017-8543. Specifically, CVE-2017-8543 is a vulnerability in Windows Search that can lead to remote code execution by exploiting an SMB vulnerability. Secondly, CVE-2017-8464 is a vulnerability in Windows LNK files that allows code execution if a maliciously crafted shortcut icon is displayed. We recommended patching these two vulnerabilities as soon as possible. 

Additional information on this vulnerability:

Adobe Patches 20 Vulnerabilities across Four Products

Adobe released patches to address multiple vulnerabilities found in Flash, Shockwave Player, Captivate, and Digital Editions software, as part of its regularly scheduled monthly security updates.  Of the 20 vulnerabilities, 14 are considered critical and could allow remote code execution on vulnerable systems. Accounting for nine critical vulnerabilities alone, updating Adobe Flash Player to version 26.0.0.126 should be considered the top priority when applying this month’s Adobe updates.

For more information, please visit Adobe’s security bulletins via:

Samba Patches Actively Exploited Vulnerability Affecting All Versions of Samba Since 2010

Samba recently released security updates to address a critical remote code execution vulnerability in all versions of Samba since 3.5.0, which was released in 2010.  The vulnerability, CVE-2017-7494, can allow a malicious client to upload a shared library to a writeable share and then cause the server to load and execute the file.  Samba allows for file and print sharing between Windows and UNIX systems. Many systems use Samba, including network attached storage devices, routers, IoT devices, and other Linux-based systems.  A Metasploit module has been made available to exploit this vulnerability. Additionally, researchers have found attacks that leverage this vulnerability to deliver a cryptocurrency miner. We recommended updating to Samba versions 4.6.4, 4.5.10 or 4.4.14, or applying the workaround as soon as possible.

More information can be found at: