API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 18th, 2017
219
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.77 KB | None | 0 0
raw download clone embed print report
  1. ================================
  2. Make MS Bulletin Great Again / MMSBGA
  3. --------------------------------
  4. Microsoft Security Bulletin for: 11-2017
  5. Update ID:{2017-Nov}
  6. Release date:{2017-11-16T08:00:00Z}
  7. Real release date:{2017-11-16T08:00:00Z} (mmsbga patch)
  8. Alias:{2017-Nov}
  9. Title:{November 2017 Security Updates}
  10. --------------------------------
  11.  
  12. MS17-148 Vulnerabilities in Internet Explorer (12 CVE)
  13. Affected:
  14. ChakraCore
  15. Internet Explorer 10 on Windows Server 2012
  16. Internet Explorer 11 on Windows 10 Version 1511 for 32-bit Systems
  17. Internet Explorer 11 on Windows 10 Version 1511 for x64-based Systems
  18. Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
  19. Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
  20. Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems
  21. Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems
  22. Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
  23. Internet Explorer 11 on Windows 10 Version 1709 for 64-based Systems
  24. Internet Explorer 11 on Windows 10 for 32-bit Systems
  25. Internet Explorer 11 on Windows 10 for x64-based Systems
  26. Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
  27. Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
  28. Internet Explorer 11 on Windows 8.1 for 32-bit systems
  29. Internet Explorer 11 on Windows 8.1 for x64-based systems
  30. Internet Explorer 11 on Windows RT 8.1
  31. Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  32. Internet Explorer 11 on Windows Server 2012 R2
  33. Internet Explorer 11 on Windows Server 2016
  34. Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
  35. Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
  36. Microsoft Edge on Windows 10 Version 1511 for 32-bit Systems
  37. Microsoft Edge on Windows 10 Version 1511 for x64-based Systems
  38. Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems
  39. Microsoft Edge on Windows 10 Version 1607 for x64-based Systems
  40. Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems
  41. Microsoft Edge on Windows 10 Version 1703 for x64-based Systems
  42. Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems
  43. Microsoft Edge on Windows 10 Version 1709 for 64-based Systems
  44. Microsoft Edge on Windows 10 for 32-bit Systems
  45. Microsoft Edge on Windows 10 for x64-based Systems
  46. Microsoft Edge on Windows Server 2016
  47. Exploit:
  48. 9 x Remote Code Execution
  49. 3 x Information Disclosure
  50. Published: CVE-2017-11848, CVE-2017-11827
  51. Credits:
  52. The UK s National Cyber Security Centre (NCSC) (CVE-2017-11838)
  53. Hui Gao and Zhanglin He de Palo Alto Networks, Anonymous par Trend Micro's Zero Day Initiative (CVE-2017-11856)
  54. Hui Gao de Palo Alto Networks and Heige (a.k.a. SuperHei) de Knownsec 404 Security Team (CVE-2017-11855)
  55. Wei de Qihoo 360 Vulcan Team, Qixun Zhao de Qihoo 360 Vulcan Team (CVE-2017-11837)
  56. Yuki Chen de Qihoo 360 Vulcan team (CVE-2017-11846)
  57. Hui Gao de Palo Alto Networks (CVE-2017-11834, CVE-2017-11791)
  58. Anonymous par Trend Micro's Zero Day Initiative (CVE-2017-11869)
  59. Huang Anwen de ichunqiu Ker Team par Trend Micro's Zero Day Initiative (CVE-2017-11858)
  60. Cybellum Technologies LTD (CVE-2017-11827)
  61. Wei de Qihoo 360 Vulcan Team (CVE-2017-11843)
  62. ? (CVE-2017-11848)
  63.  
  64. MS17-149 Vulnerabilities in Edge (24 CVE)
  65. Affected:
  66. ChakraCore
  67. Internet Explorer 10 on Windows Server 2012
  68. Internet Explorer 11 on Windows 10 Version 1511 for 32-bit Systems
  69. Internet Explorer 11 on Windows 10 Version 1511 for x64-based Systems
  70. Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
  71. Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
  72. Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems
  73. Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems
  74. Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
  75. Internet Explorer 11 on Windows 10 Version 1709 for 64-based Systems
  76. Internet Explorer 11 on Windows 10 for 32-bit Systems
  77. Internet Explorer 11 on Windows 10 for x64-based Systems
  78. Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
  79. Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
  80. Internet Explorer 11 on Windows 8.1 for 32-bit systems
  81. Internet Explorer 11 on Windows 8.1 for x64-based systems
  82. Internet Explorer 11 on Windows RT 8.1
  83. Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  84. Internet Explorer 11 on Windows Server 2012 R2
  85. Internet Explorer 11 on Windows Server 2016
  86. Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
  87. Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
  88. Microsoft Edge on Windows 10 Version 1511 for 32-bit Systems
  89. Microsoft Edge on Windows 10 Version 1511 for x64-based Systems
  90. Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems
  91. Microsoft Edge on Windows 10 Version 1607 for x64-based Systems
  92. Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems
  93. Microsoft Edge on Windows 10 Version 1703 for x64-based Systems
  94. Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems
  95. Microsoft Edge on Windows 10 Version 1709 for 64-based Systems
  96. Microsoft Edge on Windows 10 for 32-bit Systems
  97. Microsoft Edge on Windows 10 for x64-based Systems
  98. Microsoft Edge on Windows Server 2016
  99. Exploit:
  100. 3 x Security Feature Bypass
  101. 17 x Remote Code Execution
  102. 4 x Information Disclosure
  103. Published: CVE-2017-11827
  104. Credits:
  105. The UK s National Cyber Security Centre (NCSC) (CVE-2017-11838)
  106. Hui Gao de Palo Alto Networks (CVE-2017-11791)
  107. Omair (CVE-2017-11845)
  108. Yuki Chen de Qihoo 360 Vulcan team (CVE-2017-11846)
  109. Omair, Debasish Mandal (@debasishm89) de McAfee IPS Vulnerability Research (CVE-2017-11844)
  110. Wei de Qihoo 360 Vulcan Team, Qixun Zhao de Qihoo 360 Vulcan Team (CVE-2017-11837)
  111. Stefano Calzavara and Alvise Rabitti de Universit Ca'Foscari, Venezia (CVE-2017-11863)
  112. Alexander Inf hr (@insertScript) de Cure53 (CVE-2017-11833)
  113. Liu Long de Qihoo 360Vulcan Team (CVE-2017-11803)
  114. Microsoft ChakraCore Team (CVE-2017-11836, CVE-2017-11862)
  115. Ivan Fratric de Google Project Zero. (CVE-2017-11874)
  116. Huang Anwen de ichunqiu Ker Team par Trend Micro's Zero Day Initiative (CVE-2017-11858)
  117. Prakash Sharma (@1lastBr3ath) (CVE-2017-11872)
  118. Cybellum Technologies LTD (CVE-2017-11827)
  119. Wei de Qihoo 360 Vulcan Team (CVE-2017-11843)
  120. ? (CVE-2017-11871, CVE-2017-11870, CVE-2017-11866)
  121. Lokihardt de Google Project Zero (CVE-2017-11839, CVE-2017-11873, CVE-2017-11840, CVE-2017-11841, CVE-2017-11861)
  122.  
  123. MS17-150 Vulnerabilities in Windows Kernel (5 CVE)
  124. Affected:
  125. Windows 10 Version 1511 for 32-bit Systems
  126. Windows 10 Version 1511 for x64-based Systems
  127. Windows 10 Version 1607 for 32-bit Systems
  128. Windows 10 Version 1607 for x64-based Systems
  129. Windows 10 Version 1703 for 32-bit Systems
  130. Windows 10 Version 1703 for x64-based Systems
  131. Windows 10 Version 1709 for 32-bit Systems
  132. Windows 10 Version 1709 for 64-based Systems
  133. Windows 10 for 32-bit Systems
  134. Windows 10 for x64-based Systems
  135. Windows 7 for 32-bit Systems Service Pack 1
  136. Windows 7 for x64-based Systems Service Pack 1
  137. Windows 8.1 for 32-bit systems
  138. Windows 8.1 for x64-based systems
  139. Windows RT 8.1
  140. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  141. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  142. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  143. Windows Server 2008 for 32-bit Systems Service Pack 2
  144. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  145. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  146. Windows Server 2008 for x64-based Systems Service Pack 2
  147. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  148. Windows Server 2012
  149. Windows Server 2012 (Server Core installation)
  150. Windows Server 2012 R2
  151. Windows Server 2012 R2 (Server Core installation)
  152. Windows Server 2016
  153. Windows Server 2016 (Server Core installation)
  154. Windows Server, version 1709 (Server Core Installation)
  155. Exploit:
  156. 4 x Information Disclosure
  157. 1 x Elevation of Privilege
  158. Credits:
  159. Mateusz Jurczyk de Google Project Zero (CVE-2017-11853)
  160. nyaacate de Viettel Cyber Security par Trend Micro's Zero Day Initiative (CVE-2017-11847)
  161. Georgios Baltas de MSRC Vulnerabilities & Mitigations Team (CVE-2017-11842)
  162. fanxiaocao and pjf de IceSword Lab, Qihoo 360 (CVE-2017-11849)
  163. Marcin Wiazowski par Trend Micro's Zero Day Initiative (CVE-2017-11851)
  164.  
  165. MS17-151 Vulnerabilities in Office (5 CVE)
  166. Affected:
  167. Microsoft Excel 2016 Click-to-Run (C2R) for 32-bit editions
  168. Microsoft Excel 2016 Click-to-Run (C2R) for 64-bit editions
  169. Microsoft Excel 2007 Service Pack 3
  170. Microsoft Excel 2010 Service Pack 2 (32-bit editions)
  171. Microsoft Excel 2010 Service Pack 2 (64-bit editions)
  172. Microsoft Excel 2013 RT Service Pack 1
  173. Microsoft Excel 2013 Service Pack 1 (32-bit editions)
  174. Microsoft Excel 2013 Service Pack 1 (64-bit editions)
  175. Microsoft Excel 2016 (32-bit edition)
  176. Microsoft Excel 2016 (64-bit edition)
  177. Microsoft Excel 2016 for Mac
  178. Microsoft Excel Viewer 2007 Service Pack 3
  179. Microsoft Office 2007 Service Pack 3
  180. Microsoft Office 2010 Service Pack 2 (32-bit editions)
  181. Microsoft Office 2010 Service Pack 2 (64-bit editions)
  182. Microsoft Office 2013 Service Pack 1 (32-bit editions)
  183. Microsoft Office 2013 Service Pack 1 (64-bit editions)
  184. Microsoft Office 2016 (32-bit edition)
  185. Microsoft Office 2016 (64-bit edition)
  186. Microsoft Office Compatibility Pack Service Pack 3
  187. Microsoft Word 2007 Service Pack 3
  188. Microsoft Word 2010 Service Pack 2 (32-bit editions)
  189. Microsoft Word 2010 Service Pack 2 (64-bit editions)
  190. Exploit:
  191. 4 x Remote Code Execution
  192. 1 x Security Feature Bypass
  193. Credits:
  194. Wayne Low (@x9090) de Fortinet s FortiGuard Lab (CVE-2017-11854)
  195. Jonathan BirchMicrosoft Corporation (CVE-2017-11877)
  196. Dhanesh KizhakkinanFireEye Inc (CVE-2017-11884)
  197. Denis Selianin from Embedi (CVE-2017-11882)
  198. Jaanus Kp Clarified Security par Trend Micro's Zero Day Initiative (CVE-2017-11878)
  199.  
  200. MS17-152 Vulnerabilities in Microsoft Graphics (GDI) (4 CVE)
  201. Affected:
  202. Windows 10 Version 1511 for 32-bit Systems
  203. Windows 10 Version 1511 for x64-based Systems
  204. Windows 10 Version 1607 for 32-bit Systems
  205. Windows 10 Version 1607 for x64-based Systems
  206. Windows 10 Version 1703 for 32-bit Systems
  207. Windows 10 Version 1703 for x64-based Systems
  208. Windows 10 Version 1709 for 32-bit Systems
  209. Windows 10 Version 1709 for 64-based Systems
  210. Windows 10 for 32-bit Systems
  211. Windows 10 for x64-based Systems
  212. Windows 7 for 32-bit Systems Service Pack 1
  213. Windows 7 for x64-based Systems Service Pack 1
  214. Windows 8.1 for 32-bit systems
  215. Windows 8.1 for x64-based systems
  216. Windows RT 8.1
  217. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  218. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  219. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  220. Windows Server 2008 for 32-bit Systems Service Pack 2
  221. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  222. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  223. Windows Server 2008 for x64-based Systems Service Pack 2
  224. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  225. Windows Server 2012
  226. Windows Server 2012 (Server Core installation)
  227. Windows Server 2012 R2
  228. Windows Server 2012 R2 (Server Core installation)
  229. Windows Server 2016
  230. Windows Server 2016 (Server Core installation)
  231. Windows Server, version 1709 (Server Core Installation)
  232. Exploit:
  233. 4 x Information Disclosure
  234. Credits:
  235. Wayne Low (@x9090) de Fortinet s FortiGuard Lab (CVE-2017-11832)
  236. kdot par Trend Micro's Zero Day Initiative, Hossein Lotfi, Secunia Research at Flexera Software, Wayne Low (@x9090) de Fortinet s FortiGuard Lab (CVE-2017-11835)
  237. Team "Pwn4Fun" from Best de Best ( BOB ) (CVE-2017-11852)
  238. fanxiaocao and pjf de IceSword Lab, Qihoo 360 (CVE-2017-11850)
  239.  
  240. MS17-153 Vulnerabilities in ASP.NET (3 CVE)
  241. Affected:
  242. ASP.NET Core 1.0
  243. ASP.NET Core 1.1
  244. ASP.NET Core 2.0
  245. Exploit:
  246. 1 x Denial of Service
  247. 1 x Information Disclosure
  248. 1 x Elevation of Privilege
  249. Published: CVE-2017-8700, CVE-2017-11883
  250. Credits:
  251. K vin Chalet (CVE-2017-11879)
  252. ? (CVE-2017-8700, CVE-2017-11883)
  253.  
  254. MS17-154 Vulnerabilities in Windows (2 CVE)
  255. Affected:
  256. Windows 10 Version 1511 for 32-bit Systems
  257. Windows 10 Version 1511 for x64-based Systems
  258. Windows 10 Version 1607 for 32-bit Systems
  259. Windows 10 Version 1607 for x64-based Systems
  260. Windows 10 Version 1703 for 32-bit Systems
  261. Windows 10 Version 1703 for x64-based Systems
  262. Windows 10 Version 1709 for 32-bit Systems
  263. Windows 10 Version 1709 for 64-based Systems
  264. Windows 10 for 32-bit Systems
  265. Windows 10 for x64-based Systems
  266. Windows 7 for 32-bit Systems Service Pack 1
  267. Windows 7 for x64-based Systems Service Pack 1
  268. Windows 8.1 for 32-bit systems
  269. Windows 8.1 for x64-based systems
  270. Windows RT 8.1
  271. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  272. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  273. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  274. Windows Server 2008 for 32-bit Systems Service Pack 2
  275. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  276. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  277. Windows Server 2008 for x64-based Systems Service Pack 2
  278. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  279. Windows Server 2012
  280. Windows Server 2012 (Server Core installation)
  281. Windows Server 2012 R2
  282. Windows Server 2012 R2 (Server Core installation)
  283. Windows Server 2016
  284. Windows Server 2016 (Server Core installation)
  285. Windows Server, version 1709 (Server Core Installation)
  286. Exploit:
  287. 2 x Information Disclosure
  288. Credits:
  289. Mateusz Jurczyk de Google Project Zero (CVE-2017-11831)
  290. Mateusz Jurczyk de Google Project zero (CVE-2017-11880)
  291.  
  292. MS17-155 Vulnerability in Windows Media Player (1 CVE)
  293. Affected:
  294. Windows 10 Version 1511 for 32-bit Systems
  295. Windows 10 Version 1511 for x64-based Systems
  296. Windows 10 Version 1607 for 32-bit Systems
  297. Windows 10 Version 1607 for x64-based Systems
  298. Windows 10 Version 1703 for 32-bit Systems
  299. Windows 10 Version 1703 for x64-based Systems
  300. Windows 10 Version 1709 for 32-bit Systems
  301. Windows 10 Version 1709 for 64-based Systems
  302. Windows 10 for 32-bit Systems
  303. Windows 10 for x64-based Systems
  304. Windows 7 for 32-bit Systems Service Pack 1
  305. Windows 7 for x64-based Systems Service Pack 1
  306. Windows 8.1 for 32-bit systems
  307. Windows 8.1 for x64-based systems
  308. Windows RT 8.1
  309. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  310. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  311. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  312. Windows Server 2012
  313. Windows Server 2012 (Server Core installation)
  314. Windows Server 2012 R2
  315. Windows Server 2012 R2 (Server Core installation)
  316. Windows Server 2016
  317. Windows Server 2016 (Server Core installation)
  318. Windows Server, version 1709 (Server Core Installation)
  319. Exploit:
  320. 1 x Information Disclosure
  321. Credits:
  322. James Lee de Kryptos Logic (CVE-2017-11768)
  323.  
  324. MS17-156 Vulnerability in .Net (1 CVE)
  325. Affected:
  326. .NET Core 1.0
  327. .NET Core 1.1
  328. .NET Core 2.0
  329. Exploit:
  330. 1 x Denial of Service
  331. Credits:
  332. Bachraty Gergely (CVE-2017-11770)
  333.  
  334. MS17-157 Vulnerability in Device Guard (1 CVE)
  335. Affected:
  336. Windows 10 Version 1511 for 32-bit Systems
  337. Windows 10 Version 1511 for x64-based Systems
  338. Windows 10 Version 1607 for 32-bit Systems
  339. Windows 10 Version 1607 for x64-based Systems
  340. Windows 10 Version 1703 for 32-bit Systems
  341. Windows 10 Version 1703 for x64-based Systems
  342. Windows 10 Version 1709 for 32-bit Systems
  343. Windows 10 Version 1709 for 64-based Systems
  344. Windows 10 for 32-bit Systems
  345. Windows 10 for x64-based Systems
  346. Windows Server 2016
  347. Windows Server 2016 (Server Core installation)
  348. Windows Server, version 1709 (Server Core Installation)
  349. Exploit:
  350. 1 x Security Feature Bypass
  351. Credits:
  352. James Forshaw de Google Project Zero (CVE-2017-11830)
  353.  
  354. MS17-158 Vulnerability in Windows Search (1 CVE)
  355. Affected:
  356. Windows 10 Version 1511 for 32-bit Systems
  357. Windows 10 Version 1511 for x64-based Systems
  358. Windows 10 Version 1607 for 32-bit Systems
  359. Windows 10 Version 1607 for x64-based Systems
  360. Windows 10 Version 1703 for 32-bit Systems
  361. Windows 10 Version 1703 for x64-based Systems
  362. Windows 10 for 32-bit Systems
  363. Windows 10 for x64-based Systems
  364. Windows 7 for 32-bit Systems Service Pack 1
  365. Windows 7 for x64-based Systems Service Pack 1
  366. Windows 8.1 for 32-bit systems
  367. Windows 8.1 for x64-based systems
  368. Windows RT 8.1
  369. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  370. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  371. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  372. Windows Server 2008 for 32-bit Systems Service Pack 2
  373. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  374. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  375. Windows Server 2008 for x64-based Systems Service Pack 2
  376. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  377. Windows Server 2012
  378. Windows Server 2012 (Server Core installation)
  379. Windows Server 2012 R2
  380. Windows Server 2012 R2 (Server Core installation)
  381. Windows Server 2016
  382. Windows Server 2016 (Server Core installation)
  383. Windows Server, version 1709 (Server Core Installation)
  384. Exploit:
  385. 1 x Denial of Service
  386. Credits:
  387. Lei Shi de Qihoo 360 Inc (CVE-2017-11788)
  388.  
  389. MS17-159 Vulnerability in SharePoint (1 CVE)
  390. Affected:
  391. Microsoft Project Server 2013 Service Pack 1
  392. Microsoft SharePoint Enterprise Server 2016
  393. Exploit:
  394. 1 x Elevation of Privilege
  395. Credits:
  396. ? (CVE-2017-11876)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!