Patch Analysis for April 2017

Welcome to this April Patch Monday bulletin. This month delivers patches from Adobe, Google (Chrome), Mozilla and Oracle.

Adobe remediated a large number of CVEs across its products this month, but so far there have been no reported attacks in the wild. Look at Flash and then Acrobat/Reader first, since they account for the bulk of the vulnerabilities and are targets for attacks. Review the remaining Adobe products to see whether they are present in your environment and apply the patches as necessary.

Two non-Microsoft browsers were patched this month; pay special attention to Mozilla. Firefox had numerous vulnerabilities that could potentially result in arbitrary code execution and an array of other possible attacks. Google Chrome had numerous vulnerabilities as well, but they do not appear to be as severe as those in Firefox.

Oracle released 8 new security fixes for Java this month. There are no known attacks on Java at the moment and the vulnerability details are limited, but plan to follow your quarterly Java update plan (or create one if you do not have one).


So, without further ado, here's the chart of non-MS patches that affect Windows platforms in the past month.


| Identifier | Vendor/Product | Product Version Affected | Date Released by Vendor | Vulnerability Info | Vendor Severity / Our Recommendation |
|---|---|---|---|---|---|
| CVE-2017-2989 | Adobe Campaign | Win/Linux: Build 8770 and earlier | 4/11/2017 | Security Bypass, Data Corruption | Important Priority 2: Update within 30 days |
| Multiple CVEs | Adobe Flash Player | Win/Mac/Linux: 25.0.0.127 and earlier | 4/11/2017 | Arbitrary Code Execution | Critical Priority 1: Update within 72 hours |
| Multiple CVEs | Adobe Acrobat/Reader | DC Continuous 15.023.20070 and earlier versions; DC Classic 15.006.30280 and earlier versions; XI Desktop 11.0.19 and earlier versions | 4/6/2017 | Arbitrary Code Execution | Critical Priority 2: Update within 30 days |
| Multiple CVEs | Adobe Photoshop | Photoshop 2017 18.0.1 and earlier versions; Photoshop 2015.5 17.0.1 (2015.5.1) and earlier versions | 4/11/2017 | Arbitrary Code Execution | Critical Priority 3: Update at admin's discretion |
| Multiple CVEs | Adobe Creative Cloud Desktop Application | Creative Cloud 3.9.5.353 and earlier versions | 4/11/2017 | Improper Resource Permissions | Important Priority 3: Update at admin's discretion |
| Multiple CVEs | Google Chrome | Before 58.0.3029.81 | 4/19/2017 | Spoofing, Security Bypass | Update after testing |
| Multiple CVEs | Mozilla Firefox | Before 53/ESR 52.1 | 4/19/2017 | Denial of Service, Cross Site Scripting, Information Disclosure, Security Bypass, Privilege Escalation | Update as soon as possible |
| Multiple CVEs | Mozilla Thunderbird | Before 52 | 4/5/2017 | Security Bypass, Denial of Service, Information Disclosure | Update after testing |
| Multiple CVEs | Oracle Java | Java SE 6u141, 7u131, 8u121 | 4/18/2017 | Confidentiality, Integrity and Availability | Update as soon as possible |
