November 2017 - Microsoft Releases 52 Security Patches

  Advisory Date: NOV 16, 2017

  DESCRIPTION

Microsoft addresses several vulnerabilities in its November batch of patches.

  • CVE-2017-8700 - ASP.NET Core Information Disclosure Vulnerability
    Risk Rating: Moderate

    A n information disclosure vulnerability exists in ASP.NET Core that allows bypassing Cross-origin Resource Sharing (CORS) configurations. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application. The security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.


  • CVE-2017-11770 - .NET CORE Denial Of Service Vulnerability
    Risk Rating: Important

    A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core web application. The update addresses the vulnerability by correcting how the .NET Core web application handles parsing certificate data.


  • CVE-2017-11788 - Windows Search Denial of Service Vulnerability
    Risk Rating: Important

    A denial of service vulnerability exists when Windows Search improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. The security update addresses the vulnerability by correcting how Windows Search handles objects in memory.


  • CVE-2017-11791 - Scripting Engine Information Disclosure Vulnerability
    Risk Rating: Low

    An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by changing how the scripting engine handles objects in memory.


  • CVE-2017-11803 - Microsoft Edge Information Disclosure Vulnerability
    Risk Rating: Low

    An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


  • CVE-2017-11827 - Microsoft Browser Memory Corruption Vulnerability
    Risk Rating: Low

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.


  • CVE-2017-11830 - Device Guard Security Feature Bypass Vulnerability
    Risk Rating: Important

    A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. The update addresses the vulnerability by correcting how Device Guard handles untrusted files.


  • CVE-2017-11831 - Windows Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory.


  • CVE-2017-11832 - Windows EOT Font Engine Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. The security update addresses the vulnerability by correcting how the Windows EOT font engine handles embedded fonts.


  • CVE-2017-11833 - Microsoft Edge Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. The security update addresses the vulnerability by correcting how Microsoft Edge handles cross-origin requests.


  • CVE-2017-11837 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11839 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11841 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11844 - Microsoft Edge Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


  • CVE-2017-11845 - Microsoft Edge Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


  • CVE-2017-11851 - Windows Kernel Information Disclosure Vulnerability
    Risk Rating: Important

    A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.


  • CVE-2017-11856 - Internet Explorer Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory.


  • CVE-2017-11861 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11862 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11863 - Microsoft Edge Security Feature Bypass Vulnerability
    Risk Rating: Important

    A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. The security update addresses the bypass by correcting how the Edge CSP validates documents.


  • CVE-2017-11870 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11872 - Microsoft Edge Security Feature Bypass Vulnerability
    Risk Rating: Important

    A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross-Origin Resource Sharing (CORS) redirect restrictions, and to follow redirect requests that should otherwise be ignored. The security update addresses the vulnerability by modifying how affected Microsoft Edge handles redirect requests.


  • CVE-2017-11873 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11874 - Microsoft Edge Security Feature Bypass Vulnerability
    Risk Rating: Low

    A security feature bypass vulnerability exists in Microsoft Edge as a result of how memory is accessed in code compiled by the Edge Just-In-Time (JIT) compiler that allows Control Flow Guard (CFG) to be bypassed. By itself, this CFG bypass vulnerability does not allow arbitrary code execution. However, an attacker could use the CFG bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code on a target system. The security update addresses the CFG bypass vulnerability by helping to ensure that Microsoft Edge properly handles accessing memory in code compiled by the Edge JIT compiler.


  • CVE-2017-11876 - Microsoft Project Server Elevation of Privilege Vulnerability
    Risk Rating: Moderate

    An elevation of privilege vulnerability exists in Microsoft Project when Microsoft Project Server does not properly manage user sessions. For this Cross-site Request Forgery(CSRF/XSRF) vulnerability to be exploited, the victim must be authenticated to (logged on) the target site. The update addresses the vulnerability by modifying how Microsoft Project Server manages user session authentication.


  • CVE-2017-11877 - Microsoft Excel Security Feature Bypass Vulnerability
    Risk Rating: Important

    A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. To successfully exploit the vulnerability, an attacker would have to embed a control in an Excel worksheet that specifies a macro should be run. The security update addresses the vulnerability by enforcing macro settings on Excel documents.


  • CVE-2017-11878 - Microsoft Excel Memory Corruption Vulnerability
    Risk Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. The security update addresses the vulnerability by correcting how Microsoft Office handles objects in memory.


  • CVE-2017-11768 - Windows Media Player Information Disclosure Vulnerability
    Risk Rating: Important

    An information vulnerability exists when Windows Media Player improperly discloses file information. To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially crafted application. The update addresses the vulnerability by changing the way Windows Media Player discloses file information.


  • CVE-2017-11883 - ASP.NET Core Denial Of Service Vulnerability
    Risk Rating: Important

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a ASP.NET Core web application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.


  • CVE-2017-11884 - Microsoft Office Memory Corruption Vulnerability
    Risk Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. The security update addresses the vulnerability by correcting how Microsoft Office handles objects in memory.


  • CVE-2017-11834 - Scripting Engine Information Disclosure Vulnerability
    Risk Rating: Low

    An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by changing how the scripting engine handles objects in memory.


  • CVE-2017-11835 - Windows EOT Font Engine Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. The security update addresses the vulnerability by correcting how the Windows EOT font engine handles embedded fonts.


  • CVE-2017-11836 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11838 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11840 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11843 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11842 - Windows Kernel Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory.


  • CVE-2017-11846 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11847 - Windows Kernel Elevation of Privilege Vulnerability
    Risk Rating: Important

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


  • CVE-2017-11848 - Internet Explorer Information Disclosure Vulnerability
    Risk Rating: Moderate

    An information disclosure vulnerability exists when Internet Explorer improperly handles page content, which could allow an attacker to detect the navigation of the user leaving a maliciously crafted page. The security update addresses the vulnerability by changing how page content is handled by Internet Explorer.


  • CVE-2017-11849 - Windows Kernel Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory.


  • CVE-2017-11850 - Microsoft Graphics Component Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.


  • CVE-2017-11852 - Windows GDI Information Disclosure Vulnerability
    Risk Rating: Important

    A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.


  • CVE-2017-11853 - Windows Kernel Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory.


  • CVE-2017-11855 - Internet Explorer Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory.


  • CVE-2017-11854 - Microsoft Word Memory Corruption Vulnerability
    Risk Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. The security update addresses the vulnerability by correcting how Microsoft Office handles objects in memory.


  • CVE-2017-11866 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11858 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.


  • CVE-2017-11869 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory.


  • CVE-2017-11871 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Moderate

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


  • CVE-2017-11879 - ASP.NET Core Elevation Of Privilege Vulnerability
    Risk Rating: Important

    An open redirect vulnerability exists in ASP.NET Core that could lead to elevation of privilege. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. The update addresses the vulnerability by correcting how ASP.NET Core handles open redirect requests.


  • CVE-2017-11880 - Windows Information Disclosure Vulnerability
    Risk Rating: Important

    An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.


  • CVE-2017-11882 - Microsoft Office Memory Corruption Vulnerability
    Risk Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. The security update addresses the vulnerability by correcting how the affected Office component handles objects in memory.


  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection and IDF Compatibility
CVE-2017-11855 1008635 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11855) 14-Nov-17 YES
CVE-2107-11856 1008636 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11856) 14-Nov-17 YES
CVE-2017-11845 1008637 Microsoft Edge Memory Corruption Vulnerability (CVE-2017-11845) 14-Nov-17 YES
CVE-2017-11840 1008638 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11840) 14-Nov-17 YES
CVE-2017-11841 1008639 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11841) 14-Nov-17 YES
CVE-2017-11861 1008640 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11861) 14-Nov-17 YES
CVE-2017-11873 1008642 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11873) 14-Nov-17 YES
CVE-2017-11878 1008642 Microsoft Excel Memory Corruption Vulnerability (CVE-2017-11878) 14-Nov-17 YES
CVE-2017-11791 1008643 Microsoft Internet Explorer And Edge Scripting Engine Information Disclosure Vulnerability (CVE-2017-11791) 14-Nov-17 YES
CVE-2017-11791 1008643 Microsoft Internet Explorer And Edge Scripting Engine Information Disclosure Vulnerability (CVE-2017-11791) 14-Nov-17 YES
CVE-2017-11837 1008642 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11837) 14-Nov-17 YES
CVE-2017-11843 1008642 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11843) 14-Nov-17 YES
CVE-2017-11846 1008642 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11846) 14-Nov-17 YES
CVE-2017-11858 1008642 Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11858) 14-Nov-17 YES
CVE-2017-11869 1008642 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2017-11869) 14-Nov-17 YES
CVE-2017-11847 1008642 Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-11847) 14-Nov-17 YES
CVE-2017-11854 1008642 Microsoft Word Memory Corruption Vulnerability (CVE-2017-11854) 14-Nov-17 YES

Featured Stories