January, 2017: Patch Tuesday:Light Month for Bulletins

Welcome to this New Year Patch Tuesday Bulletin. This first month is very light on bulletins with only 4 and only 2 of those bulletins are critical. This is also the first month in a very long time that did not include numerous vulnerabilities for Internet Explorer. Start off with MS17-002 and MS17-003 to remediate critical vulnerabilities for Adobe and Office. There are no known attacks against vulnerabilities in these software distributions but these are popular targets. Follow up with MS17-001 for Edge and MS17-004 to remediate a DoS vulnerability for LSASS.

You can't remediate the most vulnerable point on your network; your users, but you can patch the vulnerabilities commonly used to exploit them to gain a foothold in your environment. Join us for our Patch Tuesday Webinar, where we provide you with our expert led Patch Tuesday Analysis.

  • Prioritize updates from Microsoft and 3rd Party vendors
  • Identify vulnerabilities targeting users
  • Manage your virtual infrastructure with VMworld 2016 Security Gold Award winning Shavlik Protect
  • Flexible architecture to manage servers agentless and endpoints with Agents and Cloud Agents

Click here to get started with Shavlik Protect


BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS17-001

3214288
Privilege elevation

/ Microsoft Edge
Workstations
Terminal Servers
No/NoNoImportant Edge
Requires restartUpdate after testing
MS17-002

3214291
Arbitrary code

/ Microsoft Office, Services, and Web Apps
Workstations
Terminal Servers
Sharepoint Servers
No/NoNoCritical SharePoint Server 2016
Microsoft Word 2016
May require restartUpdate immediately
MS17-003

3214628
Arbitrary code

/ Adobe Flash Player
Workstations
Terminal Servers
Servers
No/NoYesCritical Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
Windows 10
Server 2016
Multiple vulnerabilities, requires restartUpdate immediately
MS17-004

3216771
Denial of service

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Requires restartUpdate after testing
Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.