May 2017 - Microsoft Releases Security Patches

  Advisory Date: MAY 10, 2017

  DESCRIPTION

Microsoft addresses several vulnerabilities in its May batch of patches:

  • CVE-2017-0290 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability
    Risk Rating: Critical

    This vulnerability allows attackers full access to a vulnerable system by exploiting Microsoft Malware Protection Engine's NScript component. It is a remote code execution vulnerability.


  • CVE-2017-0158 | Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This vulnerability in the VBScript engine of specific Windows operating systems exists in the way it handles objects in Internet Explorer memory.


  • CVE-2017-0261 | Microsoft Office Remote Code Execution Vulnerability
    Risk Rating: Important

    This recmote code execution vulnerability that exists in Microsoft Office in the way it handles malformed graphics image.


  • CVE-2017-0262 | Microsoft Office Remote Code Execution Vulnerability
    Risk Rating: Important

    This recmote code execution vulnerability that exists in Microsoft Office in the way it handles malformed graphics image.


  • CVE-2017-0064 | Internet Explorer Security Feature Bypass Vulnerability
    Risk Rating: Low

    This vulnerability exists in the way Internet Explorer allows bypass of Mixed Content warnings when loading unsecure content from HTTPS websites.


  • CVE-2017-0222 | Internet Explorer Memory Corruption Vulnerability
    Risk Rating: Moderate

    This vulnerability exists in the way Internet Explorer may incorrectly access objects in memory. It is a remote code execution vulnerability.


  • CVE-2017-0226 | Internet Explorer Memory Corruption Vulnerability
    Risk Rating: Important

    This vulnerability exists in the way Internet Explorer may incorrectly access objects in memory. It is a remote code execution vulnerability.


  • CVE-2017-0228 | Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the JavaScript engine's rendering of objects in memory in Microsoft Edge and Internet Explorer 11 browsers. It is a remote code execution vulnerability.


  • CVE-2017-0231 | Microsoft Browser Spoofing Vulnerability
    Risk Rating: Important

    This vulnerability exists in Internet Explorer 11 and Microsoft Edge browsers. The vulnerability lies in the rendering of SmartScreen Filter.


  • CVE-2017-0238 | Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Important

    This vulnerability exists in the Microsoft Edge browser's JavaScript scripting engine. The vulnerability lies in the way the engine handles objects in memory.


  TREND MICRO PROTECTION INFORMATION

The following Trend Micro products have released specific rules for CVE-2017-0290:

Product Rule Name
TippingPoint 28221: HTTP: Microsoft Malware Protection Engine mpengine Type Confusion Vulnerability
Deep Security and Vulnerability Protection 1008370 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CVE-2017-0290)

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection and IDF Compatibility
CVE-2017-0227 1008334 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0227) 10-May-17 YES
CVE-2017-0077, CVE-2017-0175, CVE-2017-0213, CVE-2017-0214, CVE-2017-0220, CVE-2017-0245, CVE-2017-0246, CVE-2017-0258, CVE-2017-0259, CVE-2017-0263 1008341 Microsoft Windows Multiple Security Vulnerabilities (May-2017) 10-May-17 YES
CVE-2017-0228 1008335 Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0228)) 10-May-17 YES
CVE-2017-0221 1008333 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0221) 10-May-17 YES
CVE-2017-0236 1008337 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0236) 10-May-17 YES
CVE-2017-0266 1008331 Microsoft Edge Remote Code Execution Vulnerability (CVE-2017-0266) 10-May-17 YES
CVE-2017-0234 1008336 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0234) 10-May-17 YES
CVE-2017-0064 1008367 Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2017-0064) 10-May-17 YES
CVE-2017-0238 1008338 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-0238) 10-May-17 YES
CVE-2017-0058 1008319 Microsoft Windows Information Disclosure Vulnerability (CVE-2017-0058) 10-May-17 YES
CVE-2017-0171 1008332 Microsoft DNS Server Denial Of Service Vulnerability (CVE-2017-0171) 10-May-17 NO
CVE-2017-0240 1008339 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0240) 10-May-17 YES

Featured Stories