Patch Tuesday: We Read the Security Bulletins So You Don't Have To May 2017

Microsoft issues its monthly roundup of fixes.

May 10, 2017


Here's something new: Microsoft's changed the way they number their bulletins. The previous model used security bulletin ID numbers; this method is being retired, and the new security bulletins will be identified by vulnerability ID numbers and KB Article ID numbers.

So we'll be changing how we present the information. We will be sorting out the security updates by application and by operating system. You can scan through for the ones that affect you, then see what you may want/need to install.

Internet Explorer

Cumulative security update for Internet Explorer — Security Update for Internet Explorer 9

Note: "This Security Update for Internet Explorer is not applicable for installation on a computer where the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from May 2017 (or a later month) is already installed. This is because those updates contain all fixes in this Security Update for Internet Explorer."

Microsoft Knowledge Base Article KB4019214 — Security Update for Internet Explorer 10

What vulnerabilities does this update fix? "This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Security updates to Microsoft Graphics Component, Windows COM, Windows Server, Windows Kernel and Microsoft Windows DNS."

Microsoft Knowledge Base Article KB4019215 — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes improvements and fixes that were a part of update KB4015553 (released April 18, 2017) and also resolves the following: Updated Internet Explorer 11’s New Tab Page with an integrated newsfeed; Security updates to Microsoft Graphics Component, Microsoft Windows DNS, Windows COM, Windows Server, Windows kernel, and Internet Explorer."

Microsoft Knowledge Base Article KB44019264 — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes improvements and fixes that were a part of update KB4015553 (released April 18, 2017) and also resolves the following: Updated Internet Explorer 11’s New Tab Page with an integrated newsfeed; Security updates to Microsoft Graphics Component, Microsoft Windows DNS, Windows COM, Windows Server, Windows kernel, and Internet Explorer."

Microsoft Knowledge Base Article KB4019472 (OS Build 14393.1198) — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes quality improvements. No new operating system features are being introduced in this update."

Microsoft Knowledge Base Article KB4019473 (10586.916) — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue that causes the OS to become unresponsive when migrating users from a cloud-based solution to an on-premise desktop running Microsoft Virtual Desktop Infrastructure; Addressed issue where the BitLocker Drive Encryption wizard shows the "Choose which encryption mode to use" page even when the BitLocker GPO is enabled; Updated Internet Explorer 11’s New Tab Page with an integrated newsfeed; Deprecated SHA-1 Microsoft Edge and Internet Explorer 11 for SSL/TLS Server Authentication."

Microsoft Knowledge Base Article KB4016871 (OS Build 15063.296 and 15063.297) — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue with Surface Hub devices waking from sleep approximately every four minutes after the first two hours; Addressed issues with Arc Touch mouse Bluetooth connectivity." If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Microsoft Knowledge Base Article KB4019474 (OS Build 10240.17394) — Security Update for Internet Explorer 11

What vulnerabilities does this update fix? "This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue with Microsoft Edge where a memory leak occurs every time you refresh a webpage; Updated Internet Explorer 11’s New Tab Page with an integrated newsfeed; Security updates to the Microsoft Scripting Engine, Microsoft Edge, Windows COM, Microsoft Graphics Component, .NET Framework, Windows kernel, Windows SMB Server, Windows Server, and Internet Explorer."

Microsoft Office 2007 (all editions) and Other Software

Microsoft Knowledge Base Article 3191895 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then, for example, take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software." (source)

Microsoft Knowledge Base Article 2596904 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Note: To apply this security update, you must have the release version of Service Pack 3 for the 2007 Microsoft Office Suite installed on the computer.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights." (source, source)

Microsoft Office 2010 (all editions)

Microsoft Knowledge Base Article 3191899 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then, for example, take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software." (source)

Microsoft Knowledge Base Article 3118310 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could exploit the vulnerability by constructing a specially crafted EPS file that could allow remote code execution. An attacker who successfully exploited this vulnerability could take control of the affected system." (source, source)

Microsoft Office 2013 (all editions)

Microsoft Knowledge Base Article 3191885 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then, for example, take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software." (source)

Microsoft Office 2016 (all editions)

Microsoft Knowledge Base Article 3191863 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0281.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then, for example, take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software." (source)

Microsoft Knowledge Base Article 3191865 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Word 2016 installed on the computer.

What vulnerabilities does this update fix? "If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source, source)

Microsoft Knowledge Base Article 319881 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Office 2016 installed on the computer.

What vulnerabilities does this update fix? "If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source, source)

Microsoft Knowledge Base Article 319841 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

What vulnerabilities does this update fix? "If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source, source)

Microsoft Office Web Apps 2010 (all versions)

Microsoft Knowledge Base Article 3191888 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Office 2016 installed on the computer.

What vulnerabilities does this update fix? "If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." (source, source)

Microsoft Knowledge Base Article 3191904 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Service Pack 2 for SharePoint Server 2010 Office Web Apps installed on the computer.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user." (source)

Microsoft Knowledge Base Article 3191843 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To apply this security update, you must have the release version of Service Pack 3 for the 2007 Microsoft Office Suite installed on the computer.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user." (source)

Skype for Business 2016

Microsoft Knowledge Base Article 3191858 — This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution. Note: To apply this security update, you must have the release version of Skype for Business 2016 installed on the computer.

What vulnerabilities does this update fix? "A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could then, for example, take actions on behalf of the logged-on user with the same permissions as the current user." (source)

Adobe Flash Player

Microsoft Knowledge Base Article 4020821 — This security update resolves vulnerabilities in Adobe Flash Player if it's installed on any supported edition of Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10, Windows 10 Version 1511, Windows 10 Version 1607, Windows 8.1, or Windows RT 8.1.

What vulnerabilities does this update fix? "A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware." (source)
