August, 2017: Patch Tuesday: 51 CVE's and 2 Workarounds

Welcome to this August Patch Tuesday Bulletin.  This month we have 51 CVE’s remediated across 6 products including Internet Explorer, Edge, Windows, SharePoint, Adobe Flash, and SQL Server.  Two critical Windows vulnerabilities (CVE-2017-0250, CVE-2017-8620) have workarounds in case updates cannot be applied so this may be an option depending on compensating controls and functionality of the server.  There were no reported attacks on any vulnerability in the wild but there are 4 critical, potentially exploitable products that are being patched this month.

August Patch Tuesday is upon us. Join Ivanti as they present the August Patch Tuesday Webinar:

  • Prioritizing updates from Microsoft and 3rd Party vendors
  • Identifying vulnerabilities targeting users
  • Industry changes that may impact how you manage updates
  • Known issues or concerns to look out for

Get an edge with Ivanti Patch Tuesday Analysis

Patch data provided by:

Technology

Products Affected

Severity

Reference

Workaround/ Exploited

Vulnerability Info

Internet Explorer

IE 9, 10, 11

Critical

CVE-2017-8625

CVE-2017-8635

CVE-2017-8636

CVE-2017-8641

CVE-2017-8651

CVE-2017-8653

CVE-2017-8669

*Workaround: No

**Exploited: No

Remote Code Execution

Security Feature Bypass

 

Edge

Microsoft Edge

Critical

CVE-2017-8503

CVE-2017-8634

CVE-2017-8635

CVE-2017-8636

CVE-2017-8637

CVE-2017-8638

CVE-2017-8639

CVE-2017-8640

CVE-2017-8641

CVE-2017-8642

CVE-2017-8644

CVE-2017-8645

CVE-2017-8646

CVE-2017-8647

CVE-2017-8650

CVE-2017-8652

CVE-2017-8653

CVE-2017-8655

CVE-2017-8656

CVE-2017-8657

CVE-2017-8659

CVE-2017-8661

CVE-2017-8662

CVE-2017-8669

CVE-2017-8670

CVE-2017-8671

CVE-2017-8672

CVE-2017-8674

CVE-2017-8518

 

*Workaround: No

**Exploited: No

Elevation of Privilege

Remote Code Execution

Security Feature Bypass

Information Disclosure

 

Windows

Windows 10

Windows 8.1

Windows RT 8.1

Windows 7

Server 2008/2008 R2

Sever 2012/2012 R2

Server 2016

 

Critical

CVE-2017-0174

*CVE-2017-0250

CVE-2017-0293

CVE-2017-8591

CVE-2017-8593

*CVE-2017-8620

CVE-2017-8622

CVE-2017-8623

CVE-2017-8624

CVE-2017-8627

CVE-2017-8633

CVE-2017-8664

CVE-2017-8666

CVE-2017-8668

CVE-2017-8673

CVE-2017-8691

*Workaround: Yes

**Exploited: No

Denial of Service

Remote Code Execution

Elevation of Privilege

Information Disclosure

 

SharePoint

SharePoint Server 2010

Important

CVE-2017-8654

*Workaround: No

**Exploited: No

Spoofing

Adobe Flash Player

Windows 10

Windows 8.1

Windows RT 8.1

Server 2012/2012 R2

Windows Server 2016

Critical

CVE-2017-3085

CVE-2017-3106

*Workaround: No

**Exploited: No

Remote Code Execution

SQL Server

SQL Server 2012/2014/2014 SP2/2016

Important

CVE-2017-8516

*Workaround: No

**Exploited: No

Information Disclosure


Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.