[NetsecTR] non-MS patches that affect Windows platforms in the past month.

[Faruk Demirel]

here's the chart of non-MS patches that affect Windows platforms in the
past month.

Patch data provided by:

[image: Ivanti.com] <https://www.ivanti.com/en-US/>

*Technology*

*Products Affected*

*Severity*

*Reference*

*Workaround/ Exploited*

*Vulnerability Info*

Internet Explorer

IE 9, 10, 11

Critical

CVE-2017-8517
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8517>

CVE-2017-8519
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8519>

CVE-2017-8522
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8522>

CVE-2017-8524
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8524>

CVE-2017-8529
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8529>

CVE-2017-8547
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8547>

Workaround: No

Exploited: No

Remote Code Execution

Information Disclosure



Edge

Microsoft Edge

Critical

CVE-2017-8496
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8496>

CVE-2017-8497
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8497>

CVE-2017-8498
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8498>

CVE-2017-8499
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8499>

CVE-2017-8504
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8504>

CVE-2017-8517
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8517>

CVE-2017-8520
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8520>

CVE-2017-8521
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8521>

CVE-2017-8522
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8522>

CVE-2017-8523
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8523>

CVE-2017-8524
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8524>

CVE-2017-8529
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8529>

CVE-2017-8530
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8530>

CVE-2017-8548
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8548>

CVE-2017-8549
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8549>

CVE-2017-8555
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8555>

CVE-2017-0223
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0223>

Workaround: No

Exploited: No

Remote Code Execution

Information Disclosure

Security Feature Bypass

Windows

Windows 10

Windows 8.1

Windows RT 8.1

Windows 7

Server 2008/2008 R2

Sever 2012/2012 R2

Server 2016

Critical

CVE-2017-8473
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8473>

CVE-2017-8474
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8474>

CVE-2017-8475
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8475>

CVE-2017-8553
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8553>

CVE-2017-0282
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0282>

CVE-2017-0283
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283>

CVE-2017-0284
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0284>

CVE-2017-8477
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8477>

CVE-2017-8478
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8478>

CVE-2017-8479
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8479>

CVE-2017-0285
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0285>

CVE-2017-0286
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0286>

CVE-2017-0287
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0287>

CVE-2017-8480
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8480>

CVE-2017-8481
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8481>

CVE-2017-8482
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8482>

CVE-2017-0288
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0288>

CVE-2017-0289
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0289>

CVE-2017-8483
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8483>

CVE-2017-8484
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8484>

CVE-2017-0291
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0291>

CVE-2017-0292
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0292>

CVE-2017-0294
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0294>

CVE-2017-8485
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8485>

CVE-2017-8488
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8488>

CVE-2017-0295
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0295>

CVE-2017-0296
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296>

CVE-2017-0297
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0297>

CVE-2017-8489
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8489>

CVE-2017-8490
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8490>

CVE-2017-0298
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0298>

CVE-2017-0299
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0299>

CVE-2017-8491
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8491>

CVE-2017-8492
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8492>

CVE-2017-8493
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493>

CVE-2017-0300
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0300>

CVE-2017-8460
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8460>

CVE-2017-8462
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8462>

CVE-2017-8494
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8494>

CVE-2017-8515
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8515>

CVE-2017-8527
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8527>

CVE-2017-8528
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8528>

**CVE-2017-8464
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464>

CVE-2017-8465
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8465>

CVE-2017-8531
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8531>

CVE-2017-8532
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8532>

CVE-2017-8466
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8466>

CVE-2017-8468
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8468>

CVE-2017-8469
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8469>

CVE-2017-8470
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8470>

CVE-2017-8533
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8533>

CVE-2017-8534
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8534>

**CVE-2017-8543
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543>

CVE-2017-8471
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8471>

CVE-2017-8472
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8472>

CVE-2017-8544
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8544>

CVE-2017-0173
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0173>

CVE-2017-0193
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0193>

CVE-2017-0215
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0215>

CVE-2017-0216
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0216>

CVE-2017-0218
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0218>

CVE-2017-0219
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0219>

CVE-2017-0260
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0260>

CVE-2017-8476
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8476>

CVE-2017-8552
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8552>

Workaround: No

**Exploited: Yes

Remote Code Execution

Denial of Service

Information Disclosure

Elevation of Privilege

Security Feature Bypass

Tampering



Office, Office Services and Web Apps



Office 2010,

2013, 2016

Office Web Apps 2010,

2013

OneNote 2010

Outlook 2007, 2010, 2013, 2016

PowerPoint 2007, 2013, 2016, Mac 2011

SharePoint 2007, 2013, 2016

Word 2007, 2010, 2013, 2016

Skype Business 2016



Critical

CVE-2017-0260
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0260>

CVE-2017-0282
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0282>

CVE-2017-0283
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283>

CVE-2017-0284
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0284>

CVE-2017-0285
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0285>

CVE-2017-0286
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0286>

CVE-2017-0287
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0287>

CVE-2017-0288
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0288>

CVE-2017-0289
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0289>

CVE-2017-0292
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0292>

CVE-2017-8506
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8506>

CVE-2017-8507
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8507>

CVE-2017-8508
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8508>

CVE-2017-8509
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509>

CVE-2017-8510
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8510>

CVE-2017-8511
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8511>

CVE-2017-8512
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8512>

CVE-2017-8513
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8513>

CVE-2017-8514
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8514>

CVE-2017-8527
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8527>

CVE-2017-8528
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8528>

CVE-2017-8531
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8531>

CVE-2017-8532
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8532>

CVE-2017-8533
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8533>

CVE-2017-8534
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8534>

CVE-2017-8545
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545>

CVE-2017-8550
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8550>

CVE-2017-8551
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8551>

Workaround: No

Exploited: No

Remote Code Execution

Elevation of Privilege

Spoofing

Security Feature Bypass

Information Disclosure



Silverlight

Silverlight 5

Critical

CVE-2017-0283
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283>

CVE-2017-8527
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8527>

Workaround: No

Exploited: No

Remote Code Execution

Adobe Flash

25.0.0.171 and earlier

Critical

CVE-2017-3075 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3075>

CVE-2017-3081 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3081>

CVE-2017-3083 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3083>

CVE-2017-3084 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3084>

CVE-2017-3076 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3076>

CVE-2017-3077 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3077>

CVE-2017-3078 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3078>

CVE-2017-3079 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3079>

CVE-2017-3082 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3082>

Workaround: No

Exploited: No

Arbitrary Code Execution

-------------------------------------------------
BGA Wiki - Penetration Test Wiki

http://wiki.bgasecurity.com/Kategori:Pentest

-------------------------------------------------