Patch Analysis for January 2017

Welcome to this January Patch Monday Bulletin. This month brings patches for Acrobat, Reader, Thunderbird and Java. While there are only 4 patches listed in this bulletin, quite a few vulnerabilities will be fixed. As usual, work on Adobe Flash and Acrobat/Reader first this month. There were no known attacks against the vulnerabilities being remediated this month, but these first two products are common targets. January is the first Oracle quarterly Critical Patch Update for 2017, and hopefully you are ready for it. This patch release remediates 17 CVEs for Java. Finally, Thunderbird released a patch in late December, after the last patch bulletin. Start looking into how patching can be streamlined around the regularly scheduled patches from Adobe and Java. Monthly or quarterly patch cycles can be developed to quickly test and deploy these patches throughout the environment, with the goal of reducing the attack surface as much as possible.


So, without further ado, here’s the chart of non-MS patches that affect Windows platforms in the past month.


| Identifier | Vendor/Product | Product Version Affected | Date Released by Vendor | Vulnerability Info | Vendor Severity / Our Recommendation |
|---|---|---|---|---|---|
| CVE-2017-2929 | Adobe Acrobat extension for Chrome | 15.1.0.3 | 1/19/2017 | Cross-Site Scripting | Important Priority 2: Update within 30 days |
| Multiple CVEs | Adobe Acrobat/Reader | Acrobat/Reader DC Continuous 15.020.20042 and earlier; Acrobat/Reader DC Classic 15.006.30244 and earlier; Acrobat XI Desktop 11.0.18 and earlier versions | 1/5/2017 | Arbitrary Code Execution | Critical Priority 2: Update within 30 days |
| Multiple CVEs | Adobe Flash Player | 24.0.0.186 and earlier | 1/10/2017 | Arbitrary Code Execution | Critical Priority 1: Update within 72 hours |
| Multiple CVEs | Mozilla Thunderbird | Before 45.6 | 12/28/2016 | Denial of Service, Security Bypass, Information Disclosure | Update after testing |
| Multiple CVEs | Oracle Java | Before 6u131, 7u121, 8u112 | 1/17/2017 | May be remotely exploitable | Update as soon as possible. |
