SonicWall Security Center
Share: Linkedin Share Facebook Like
Back to SonicALERT


Microsoft Security Bulletin Coverage (April 12, 2017)



Description


SonicWall has analyzed and addressed Microsoft and Adobe's security advisories for the month of April, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

  • CVE-2017-0058 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0093 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0106 Microsoft Outlook Remote Code Execution Vulnerability
    SPY:4460 Malformed-File rtf.MP.18

  • CVE-2017-0155 Windows Graphics Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0156 Windows Graphics Component Elevation of Privilege Vulnerability
    SPY:1450 Malformed-File exe.MP.30

  • CVE-2017-0158 Scripting Engine Memory Corruption Vulnerability
    IPS:12715 Scripting Engine Memory Corruption Vulnerability (APR 17) 2

  • CVE-2017-0159 ADFS Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0160 .NET Remote Code Execution Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0162 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0163 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0164 Active Directory Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0165 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0166 LDAP Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0167 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0168 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0169 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0178 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0179 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0180 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0181 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0182 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0183 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0184 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0185 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0186 Hyper-V Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0188 Win32k Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0189 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0191 Windows Denial of Service Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0192 ATMFD.dll Information Disclosure Vulnerability
    SPY:1433 Malformed-File pfb.MP.2

  • CVE-2017-0194 Microsoft Office Memory Corruption Vulnerability
    IPS:12716 Microsoft Office Memory Corruption Vulnerability (APR 17)

  • CVE-2017-0195 Microsoft Office XSS Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0197 Office DLL Loading Vulnerability
    IPS:12718 ceutil.dll Insecure Library Loading

  • CVE-2017-0199 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API
    SPY:1446 Malformed-File rtf.MP.17

  • CVE-2017-0200 Microsoft Edge Memory Corruption Vulnerability
    IPS:12717 Microsoft Edge Memory Corruption Vulnerability (APR 17) 2

  • CVE-2017-0201 Scripting Engine Memory Corruption Vulnerability
    IPS:12708 Scripting Engine Memory Corruption Vulnerability (APR 17) 1

  • CVE-2017-0202 Internet Explorer Memory Corruption Vulnerability
    IPS:12709 Internet Explorer Memory Corruption Vulnerability (APR 17) 1

  • CVE-2017-0203 Microsoft Edge Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0204 Microsoft Office Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0205 Microsoft Edge Memory Corruption Vulnerability
    IPS:12710 Microsoft Edge Memory Corruption Vulnerability (APR 17) 1

  • CVE-2017-0207 Microsoft Office Spoofing Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0208 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.

  • CVE-2017-0210 Internet Explorer Elevation of Privilege Vulnerability
    IPS:12712 Internet Explorer Elevation of Privilege (APR 17) 1

  • CVE-2017-0211 Windows OLE Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

  • CVE-2013-6629 libjpeg Information Disclosure Vulnerability
    There are no known exploits in the wild.


Adobe Coverage

APSB17-10 Security updates for Adobe Flash Player:

  • CVE-2017-3058 Adobe Flash Player Use After Free Vulnerability
    Spy:1417 Malformed-File swf.MP.549

  • CVE-2017-3059 Adobe Flash Player Use After Free Vulnerability
    Spy:1418 Malformed-File swf.MP.550

  • CVE-2017-3060 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1419 Malformed-File swf.MP.551

  • CVE-2017-3061 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1420 Malformed-File swf.MP.552

  • CVE-2017-3062 Adobe Flash Player Use After Free Vulnerability
    Spy:1421 Malformed-File swf.MP.553

  • CVE-2017-3063 Adobe Flash Player Use After Free Vulnerability
    Spy:1422 Malformed-File swf.MP.554

  • CVE-2017-3064 Adobe Flash Player Memory Corruption Vulnerability
    Spy:1423 Malformed-File swf.MP.555

APSB17-11 Security Updates for Adobe Acrobat and Reader:

  • CVE-2017-3013 Adobe Acrobat Reader Insecure Library Loading Vulnerability
    Spy:1406 Malformed-File pdf.MP.219

  • CVE-2017-3014 Adobe Acrobat Reader Use After Free Vulnerability
    Spy:1407 Malformed-File pdf.MP.220

  • CVE-2017-3017 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1408 Malformed-File pdf.MP.221

  • CVE-2017-3019 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1409 Malformed-File pdf.MP.222

  • CVE-2017-3020 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1410 Malformed-File pdf.MP.223

  • CVE-2017-3021 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1411 Malformed-File pdf.MP.224

  • CVE-2017-3022 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1412 Malformed-File pdf.MP.225

  • CVE-2017-3023 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1413 Malformed-File pdf.MP.226

  • CVE-2017-3024 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1414 Malformed-File pdf.MP.227

  • CVE-2017-3025 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1415 Malformed-File pdf.MP.228

  • CVE-2017-3026 Adobe Acrobat Reader Use After Free Vulnerability
    Spy:1416 Malformed-File pdf.MP.229

  • CVE-2017-3029 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1405 Malformed-File pdf.MP.218

  • CVE-2017-3032 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1424 Malformed-File pdf.MP.235

  • CVE-2017-3033 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1432 Malformed-File pdf.MP.232

  • CVE-2017-3042 Adobe Acrobat Reader Heap Overflow Vulnerability
    Spy:1425 Malformed-File tif.MP.5
    Spy:1426 Malformed-File tif.MP.6
    Spy:1428 Malformed-File tif.MP.7

  • CVE-2017-3044 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1430 Malformed-File pdf.MP.230

  • CVE-2017-3045 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1431 Malformed-File pdf.MP.231

  • CVE-2017-3046 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1434 Malformed-File pdf.MP.233

  • CVE-2017-3047 Adobe Acrobat Reader Use After Free Vulnerability
    Spy:1435 Malformed-File pdf.MP.234

  • CVE-2017-3048 Adobe Acrobat Reader Heap Overflow Vulnerability
    Spy:1436 Malformed-File tif.MP.8

  • CVE-2017-3049 Adobe Acrobat Reader Heap Overflow Vulnerability
    Spy:1437 Malformed-File tif.MP.9

  • CVE-2017-3050 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1438 Malformed-File gif.MP.1

  • CVE-2017-3051 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:1441 Malformed-File jpg.MP.5

  • CVE-2017-3052 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1443 Malformed-File emf.MP.13
    Spy:1445 Malformed-File emf.MP.14


  • CVE-2017-3053 Adobe Acrobat Reader Memory Address Leak Vulnerability
    Spy:1447 Malformed-File jpg.MP.6

  • CVE-2017-3055 Adobe Acrobat Reader Heap Overflow Vulnerability
    Spy:1448 Malformed-File pdf.MP.237

  • CVE-2017-3056 Adobe Acrobat Reader Memory Corruption Vulnerability
    Spy:4237 Malformed-File pdf.MP.238

  • CVE-2017-3057 Adobe Acrobat Reader Use After Free Vulnerability
    Spy:1449 Malformed-File pdf.MP.236




Back to top

Back to SonicALERT

Follow: Follow us on Facebook Follow us on Twitter Join the Conversation
#SonicWall
© 2017 SonicWall | Privacy Policy | Conditions for use | Feedback | Live Demo | SonicALERT | Document Library | Report Issues
Version: 13.3 | S2MSW06