June’s Patch Tuesday for Windows machines brought no less than 96 different patches for various vulnerabilities. That number also includes two vulnerabilities that are under active attack right now, CVE-2017-8543 and CVE-2017-8464.
This month’s Patch Tuesday also includes emergency patches for unsupported versions of Windows. These patches fix three exploits that were leaked by the Shadow Brokers, who data dumped NSA’s hacking repository in April.
The latest security update patches several other RCE (remote code execution) flaws found in supported Windows versions.
CVE-2017-8543 – mentioned above – is especially dangerous. It is essentially an SMB flaw similar to the one that WannaCry exploited, causing havoc to 300,000 machines across 150 countries in a very short span of time.
In an advisory issued to Windows users, Microsoft warns:
“To exploit the vulnerability, the attacker could send specially crafted SMB messages to the Windows Search service. An attacker with access to a target computer could exploit this vulnerability to elevate privileges and take control of the computer.”
These patches also include flaws in the Microsoft Edge browser, two of which allow security feature bypass, and one that allows for disclosure of information.
Any way you look at it, these patches are critical. At a time when WannaCry is still ringing in every IT department’s ears, it is imperative that Windows users of both supported and unsupported versions apply these patches that have come through on June’s Patch Tuesday update.
In parallel, Adobe has also released its June security updates vide APSB17-17 for Flash Player and APSB17-18 for Shockwave Player. There are 9 RCE flaws in Flash Player and one in Shockwave Player. If you’re on Chrome, Edge or IE 11, you should automatically get the update from Google or Microsoft. Other browser users will need to get it directly from Adobe.
To protect your Windows machines and networks, you are advised to download and install the updates as soon as possible, especially considering the fact that some of the vulnerabilities that the update patches are under active attack.