Patch Analysis for March 2017

Welcome to this March Patch Monday Bulletin. This is a fairly typical month with patches for Flash, Shockwave, iTunes, Chrome and Firefox. There are no known active attacks exploiting any of the vulnerabilities that are being patched this month. A zero day vulnerability was found in Firefox at the annual Pwn2Own hacking contest. The good news is that Mozilla was able to create a patch and make it available in short notice. Start this month with Adobe Flash and then follow up with Firefox or Chrome depending on their presence in your environment. Finish your third party patching with iTunes for Windows and Adobe Shockwave player.

LOGbinder: Feed Your SIEM a High Nutrition Diet

To achieve compliance and to stop APTs, your security analysts need to see what’s happening in your applications and on your endpoints.

Unleash the power of native Windows Event Collection with Supercharger and track every endpoint with no agents, no polling and no noise.

Put application audit logs where they belong – in your SIEM. Then correlate application security intelligence with the rest of your security activity. But getting application audit logs into your SIEM is surprisingly difficult. LOGbinder bridges the gap for a growing number of applications.

Patch data provided by:

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation

Multiple CVE’s

Adobe Flash

Win/Mac/Linux 24.0.0.221 and earlier

3/14/2017

Arbitrary Code Execution

Critical Priority 1: Update within 72 hours

CVE-2017-2983

Adobe Shockwave Player

Win

12.2.7.197 and earlier

3/14/2017

Escalation of Privileges

Important Priority 2: Update within 30 days

Multiple CVE’s

Apple iTunes

Win

Before 12.6

3/21/2017

Arbitrary Code Execution, Denial of Service, Information Disclosure

Update after testing

Multiple CVE’s

Google Chrome

Win/Mac/Linux before 57.0.2987.110

3/16/2017

Denial of Service, Information Disclosure, Spoofing, Security Bypass

Update as soon as possible

Multiple CVE’s

Firefox

Before 52.0.1/ESR 52.0.1

3/17/2017

Security Bypass, Denial of Service, Information Disclosure, Spoofing

Update as soon as possible

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.