Today is the March 2017 Microsoft Patch Tuesday and we have 17 security updates being released by Microsoft. Of these seventeen updates, seven are rated Critical because they allow remote code execution on the affected computer.

Remote Code Execution vulnerabilities are ones that allow an attacker to remotely execute commands on a computer. These commands could download further software, add user accounts, or perform virtually any action on the vulnerable computer.

All Windows users should run Windows Update and install all of the available updates as soon as possible. For a full list of the security updates, vulnerabilities, and links to their respective bulletins, please see the table below.

March 2017 Microsoft Patch Tuesday Security Updates:

MS17-006 Cumulative Security Update for Internet Explorer (4013073) - Critical

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This security update is rated Critical for Internet Explorer 9 (IE 9) and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers. 

MS17-007 Cumulative Security Update for Microsoft Edge (4013071) - Critical

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This security update is rated Critical for Microsoft Edge on Windows 10 and Moderate on Windows Server 2016. 

The update addresses the vulnerabilities by modifying how Microsoft Edge handles objects in memory.

MS17-008 Security Update for Windows Hyper-V (4013082) - Critical

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

This security update is rated Critical for all supported editions of Windows.

The security update addresses the vulnerabilities by correcting how Hyper-V validates guest operating system user input. 

MS17-009 Security Update for Microsoft Windows PDF Library (4010319) - Critical

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

This security update is rated Critical for all supported editions of Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016.

The security update addresses the vulnerability by correcting how affected systems handle objects in memory.

MS17-010 Security Update for Microsoft Windows SMB Server (4013389) - Critical

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

This security update is rated Critical for all supported releases of Microsoft Windows.

The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests.

MS17-011 Security Update for Microsoft Uniscribe (4013076) - Important

This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, Windows 10, Windows 10 Version 1511, Windows 10 Version 1607, and Windows Server 2016.

The security update addresses these vulnerabilities by correcting how Windows Uniscribe handles objects in memory.

MS17-012 Security Update for Microsoft Windows (4013078) - Important

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

This security update is rated Critical for Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows 10 Version 1607 and Windows Server 2016, and Important for Windows Vista, Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, and Windows 10 Version 1511.

The security update addresses the vulnerabilities by:

  • Correcting how Device Guard validates certain elements of signed PowerShell scripts.
  • Correcting how the Microsoft SMBv2/SMBv3 Client handles specially crafted requests.
  • Correcting how Windows validates input before loading DLL files.
  • Modifying how Windows dnsclient handles requests.
  • Correcting how Helppane.exe authenticates the client.
  • Modifying how the iSNS Server service parses requests.

MS17-013 Security Update for Microsoft Graphics Component (4013075) - Critical

This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for:

  • All supported releases of Microsoft Windows
  • Affected editions of Microsoft Office 2007 and Microsoft Office 2010
  • Affected editions of Skype for Business 2016, Microsoft Lync 2013, and Microsoft Lync 2010
  • Affected editions of Silverlight

The security update addresses the vulnerabilities by correcting how the software handles objects in memory.

MS17-014 Security Update for Microsoft Office (4013241) - Important

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

The security update addresses the vulnerabilities by:

  • Correcting how Office handles objects in memory
  • Changing the way certain functions handle objects in memory
  • Properly initializing the affected variable
  • Helping to ensure that SharePoint Server properly sanitizes web requests
  • Correcting how the Lync for Mac 2011 client validates certificates

MS17-015 Security Update for Microsoft Exchange Server (4013242) - Important

This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

This security update is rated Important for all supported editions of Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016.

The security update addresses the vulnerability by correcting how Microsoft Exchange validates web requests.

MS17-016 Security Update for Windows IIS (4013074) - Important

This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

This security update is rated Important for all supported releases of Microsoft Windows.

The security update addresses the vulnerability by modifying the way that Microsoft IIS Server sanitizes web requests.

MS17-017 Security Update for Windows Kernel (4013081) - Important

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

This security update is rated Important for all supported releases of Microsoft Windows.

The security update addresses the vulnerabilities by:

  • Correcting how the Windows Kernel API validates input
  • Correcting how the Transaction Manager handles objects in memory
  • Correcting the way that Windows validates the buffer lengths
  • Helping to ensure that the Windows Kernel API properly handles objects in memory

MS17-018 Security Update for Windows Kernel-Mode Drivers (4013083) - Important

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

The update addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory.

This security update is rated Important for all supported releases of Microsoft Windows.

MS17-019 Security Update for Active Directory Federation Services (4010320) - Important

This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

This security update is rated Important for all supported releases of Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. For more information, see the Affected Software and Vulnerability Severity Ratings section.

The update addresses the vulnerability by adding additional verification checks in ADFS.

MS17-020 Security Update for Windows DVD Maker (3208223) - Important

This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

This security update is rated Important for Windows Vista and Windows 7.

The security update addresses the vulnerability by correcting how Windows DVD Maker parses files.

MS17-021 Security Update for Windows DirectShow (4010318) - Important

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

This security update is rated Important for all affected versions of Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.

The security update addresses the vulnerability by correcting how Windows DirectShow handles objects in memory.

MS17-022 Security Update for Microsoft XML Core Services (4010321) - Important

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

This security update is rated Important for Microsoft XML Core Services 3.0 on all supported releases of Microsoft Windows.

The update addresses the vulnerability by changing how MSXML handles objects in memory.

MS17-023 Security Update for Adobe Flash Player (4014329) - Critical

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

This security update is rated Critical. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge.

Get updating!