Published on: 15 March 2017
Last update on: 13 May 2017
Microsoft has released 18 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:
MS17-006 Cumulative Security Update for Internet Explorer
MS17-007 Cumulative Security Update for Microsoft Edge
MS17-008 Security Update for Windows Hyper-V
MS17-009 Security Update for Microsoft Windows PDF Library
MS17-010 Security Update for Microsoft Windows SMB Server
MS17-011 Security Update for Microsoft Uniscribe
MS17-012 Security Update for Microsoft Windows
MS17-013 Security Update for Microsoft Graphics Component
MS17-014 Security Update for Microsoft Office
MS17-015 Security Update for Microsoft Exchange Server
MS17-016 Security Update for Windows IIS
MS17-017 Security Update for Windows Kernel
MS17-018 Security Update for Windows Kernel-Mode Drivers
MS17-019 Security Update for Active Directory Federation Services
MS17-020 Security Update for Windows DVD Maker
MS17-021 Security Update for Windows DirectShow
MS17-022 Security Update for Microsoft XML Core Services
MS17-023 Security Update for Adobe Flash Player
There are reports of worldwide ransomware attack named "WannaCry" or "WanaCrypt0r 2.0", which exploits the Microsoft Windows Server Message Block (SMB) vulnerability (MS17-010)
A complete list of the affected products can be found in the section "Affected Software" in the Microsoft security bulletin summary available at:
https://technet.microsoft.com/library/security/ms17-mar
Depending on the vulnerability exploited, a successful attack could lead to denial of service, elevation of privilege, information disclosure, remote code execution, security restriction bypass, or spoofing.
Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
If any problem is encountered during the patch installation via automated methods, patches for various affected systems can also be downloaded individually from the "Affected Software" section of the corresponding Microsoft Security Advisory and Bulletins which can be accessed from the URL(s) listed in the "More Information" section of this Security Alert.
Microsoft provides a security update to all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Users and administrators are advised to take following immediate actions to prevent and defend against the potential attack against the SMB vulnerability:
- Apply the latest security patches on all Windows-based systems;
- Block the SMB ports (TCP ports 139 and 445) from Internet access. SMB protocol should be used for file/printer sharing in the internal network only;
- Keep the anti-malware software and signatures up-to-date on all computer systems; and
- Stay vigilant of the suspicious emails and websites and avoiding clicking unknown attachments and links.
https://technet.microsoft.com/en-us/library/security/ms17-mar
https://technet.microsoft.com/en-us/library/security/ms17-006
https://technet.microsoft.com/en-us/library/security/ms17-007
https://technet.microsoft.com/en-us/library/security/ms17-008
https://technet.microsoft.com/en-us/library/security/ms17-009
https://technet.microsoft.com/en-us/library/security/ms17-010
https://technet.microsoft.com/en-us/library/security/ms17-011
https://technet.microsoft.com/en-us/library/security/ms17-012
https://technet.microsoft.com/en-us/library/security/ms17-013
https://technet.microsoft.com/en-us/library/security/ms17-014
https://technet.microsoft.com/en-us/library/security/ms17-015
https://technet.microsoft.com/en-us/library/security/ms17-016
https://technet.microsoft.com/en-us/library/security/ms17-017
https://technet.microsoft.com/en-us/library/security/ms17-018
https://technet.microsoft.com/en-us/library/security/ms17-019
https://technet.microsoft.com/en-us/library/security/ms17-020
https://technet.microsoft.com/en-us/library/security/ms17-021
https://technet.microsoft.com/en-us/library/security/ms17-022
https://technet.microsoft.com/en-us/library/security/ms17-023
https://www.hkcert.org/my_url/en/alert/17031501
https://www.us-cert.gov/ncas/current-activity/2017/03/14/Microsoft-Releases-March-2017-Security-Bulletin
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0005 (to CVE-2017-0012)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0014 (to CVE-2017-0035)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0037 (to CVE-2017-0040)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0042 (to CVE-2017-0043)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0049 (to CVE-2017-0053)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055 (to CVE-2017-0063)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0065 (to CVE-2017-0092)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0094 (to CVE-2017-0105)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0107 (to CVE-2017-0138)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0140 (to CVE-2017-0141)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143 (to CVE-2017-0151)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0154
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html