Microsoft’s Patch Tuesday Fixes 81 Holes

Wednesday, September 13, 2017 @ 02:09 PM gHale

Microsoft released fixes for 81 vulnerabilities in its monthly Patch Tuesday offering, including a .NET Framework Zero Day.

The September patch details a spoofing vulnerability in the Windows Bluetooth driver (CVE-2017-8628), which has been disclosed as part of the BlueBorne vulnerabilities. The flaw ended up patched in July, but Microsoft chose to delay releasing details about it until other vendors could develop and release updates.

Microsoft Patches 48 Security Woes
Microsoft Clears Outlook Holes
Microsoft Yanks Outlook Fixes
Patch Tuesday: Microsoft Fixes 54 Holes

Among the patched vulnerabilities is one suffering from exploitation. FireEye researchers found the flaw after they detected a malicious Microsoft Office RTF document that leveraged it.

Another vulnerability, CVE-2017-8759, in the Microsoft .NET Framework, ended up used in targeted attacks to deliver the FinSpy malware, sold by Germany-based Gamma Group.

“The CVE-2017-8759 vulnerability can allow remote code execution after users open a spam email, and double-click on an untrusted attachment and disable the Microsoft Office Protected View mode,” Microsoft said in a post. “The exploit uses Microsoft Word as the initial vector to reach the real vulnerable component, which is not related to Microsoft Office and which is responsible for certain SOAP-rendering functionalities through .NET classes.”

The update contains patches for two other publicly disclosed flaws: a Device Guard security feature bypass vulnerability (CVE-2017-8746), and a remote code execution vulnerability in the Broadcom chipsets used in HoloLens (CVE-2017-9417).

Leave a Reply

You must be logged in to post a comment.