Webinar Library
Welcome to this June Patch Tuesday Bulletin. This month is a pretty standard month and things seem to have died down (for now) compared to the last few months with the EternalBlue exploit and the WannaCry ransomware. The typical MS software is affected including IE, Edge, Windows, Office, Silverlight, Skype, and Flash Player. There are 2 vulnerabilities with attacks in the wild that include CVE-2017-8464 and CVE-2017-8543. CVE-2017-8464 is a LNK Remote Code Execution Vulnerability that allows code execution if a maliciously crafted icon is displayed. CVE-2017-8543 is a Windows Search Remote Code Execution Vulnerability that could allow an attacker to execute code. Neither of these vulnerabilities have workarounds so look at implementing the monthly rollup or security update.
June Patch Tuesday is upon us. Join Ivanti as they present the June Patch Tuesday:
Get an edge with Ivanti Patch Tuesday Analysis
Patch data provided by:
Technology
Products Affected
Severity
Reference
Workaround/ Exploited
Vulnerability Info
Internet Explorer
IE 9, 10, 11
Critical
CVE-2017-8517
CVE-2017-8519
CVE-2017-8522
CVE-2017-8524
CVE-2017-8529
CVE-2017-8547
*Workaround: No
**Exploited: No
Remote Code Execution
Information Disclosure
Edge
Microsoft Edge
CVE-2017-8496
CVE-2017-8497
CVE-2017-8498
CVE-2017-8499
CVE-2017-8504
CVE-2017-8520
CVE-2017-8521
CVE-2017-8523
CVE-2017-8530
CVE-2017-8548
CVE-2017-8549
CVE-2017-8555
CVE-2017-0223
Security Feature Bypass
Windows
Windows 10
Windows 8.1
Windows RT 8.1
Windows 7
Server 2008/2008 R2
Sever 2012/2012 R2
Server 2016
CVE-2017-8473
CVE-2017-8474
CVE-2017-8475
CVE-2017-8553
CVE-2017-0282
CVE-2017-0283
CVE-2017-0284
CVE-2017-8477
CVE-2017-8478
CVE-2017-8479
CVE-2017-0285
CVE-2017-0286
CVE-2017-0287
CVE-2017-8480
CVE-2017-8481
CVE-2017-8482
CVE-2017-0288
CVE-2017-0289
CVE-2017-8483
CVE-2017-8484
CVE-2017-0291
CVE-2017-0292
CVE-2017-0294
CVE-2017-8485
CVE-2017-8488
CVE-2017-0295
CVE-2017-0296
CVE-2017-0297
CVE-2017-8489
CVE-2017-8490
CVE-2017-0298
CVE-2017-0299
CVE-2017-8491
CVE-2017-8492
CVE-2017-8493
CVE-2017-0300
CVE-2017-8460
CVE-2017-8462
CVE-2017-8494
CVE-2017-8515
CVE-2017-8527
CVE-2017-8528
**CVE-2017-8464
CVE-2017-8465
CVE-2017-8531
CVE-2017-8532
CVE-2017-8466
CVE-2017-8468
CVE-2017-8469
CVE-2017-8470
CVE-2017-8533
CVE-2017-8534
**CVE-2017-8543
CVE-2017-8471
CVE-2017-8472
CVE-2017-8544
CVE-2017-0173
CVE-2017-0193
CVE-2017-0215
CVE-2017-0216
CVE-2017-0218
CVE-2017-0219
CVE-2017-0260
CVE-2017-8476
CVE-2017-8552
**Exploited: Yes
Tampering
Elevation of Privilege
Denial of Service
Office, Office Services and Web Apps
Office 2010,
2013, 2016
Office Web Apps 2010,
2013
OneNote 2010
Outlook 2007, 2010, 2013, 2016
PowerPoint 2007, 2013, 2016, Mac 2011
SharePoint 2007, 2013, 2016
Word 2007, 2010, 2013, 2016
Skype Business 2016
CVE-2017-8506
CVE-2017-8507
CVE-2017-8508
CVE-2017-8509
CVE-2017-8510
CVE-2017-8511
CVE-2017-8512
CVE-2017-8513
CVE-2017-8514
CVE-2017-8545
CVE-2017-8550
CVE-2017-8551
Spoofing
Silverlight
Silverlight 5
Adobe Flash
25.0.0.171 and earlier
CVE-2017-3075
CVE-2017-3081
CVE-2017-3083
CVE-2017-3084
CVE-2017-3076
CVE-2017-3077
CVE-2017-3078
CVE-2017-3079
CVE-2017-3082
Arbitrary Code Execution