It’s the day that some have been dreading for months: the first Microsoft Patch Tuesday without our old friends, the security bulletins that we turned to for a quick and dirty synopsis of each patch and what vulnerabilities it addressed.
That day was originally planned to come last month, but according to their announcement, problems with the patches caused Microsoft to postpone their release entirely – something that had never happened in the years that I’ve been writing the Patch Tuesday roundup articles – so we got a brief reprieve. This morning, I steeled myself for what I thought was the inevitable.
- WannaCry ransomware stoped by install MS17-010 patch How to download/install MS17-010 update patch Microsoft Windows MS17-010 patch download install guide.
- How to verify that MS17-010 is installed (Wannacry Ransomware patch). We can now either filter using the free text search in the top left corner, or we can make use of the much more powerful filter panel out to the right. VScope Tracker has inbuilt cases regarding both patch level and MS17-010. Just go inside tracker and look under the.
- Start a Free Trial For Home Sophos Home. MS17-010 - Security Update for Microsoft Windows SMB Server. Vendor-supplied Patch identifier and recommended solution.
- This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. To learn more about.
- Microsoft Releases Patch for Older Windows Versions to Protect Against Wana Decrypt0r; Microsoft Releases Patch for Older Windows Versions to Protect Against Wana Decrypt0r. MS17-010 remained.
May 04, 2018 Free downloads & security; Education; Store locations; Gift cards; View Sitemap; Search. Ms17-010 security patch How to download this patch 'ms17-010' it's very urgent to secure from ransomware. This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.
Imagine my surprise when, just for fun, I went to the Security Bulletins web site and found that the March Bulletins summary and bulletins were there, just like always. Instead of weeping and wailing and gnashing of teeth, there’s rejoicing in the streets – at least here in my home office.
I know it’s only a temporary panacea. The March Bulletin summary contains the following statement:
As a reminder, the Security Updates Guide will be replacing security bulletins. Please see our blog post, Furthering our commitment to security updates, for more details.
That blog post is from November and says the Bulletins will go away after January, so I have no clue on what the real timeframe is now. But I won’t look a gift security bulletin in the mouth. Next month, we might (or might not) be changing the format of this post to match the new way of getting the information, but for now, it’s business as usual.
You can find the Security Bulletin Summary for March here: https://technet.microsoft.com/library/security/ms17-mar
As you might expect, given that Microsoft skipped releasing updates in February, this month is a killer. We have a whopping 18 patches to address, although of course not everyone will be dealing with all of them. Nine of them are rated critical.
While most of the updates are for Windows, there is also a patch for Exchange Server and a couple for Office. We also have the usual Internet Explorer and Edge browser cumulative updates. In addition, some of the updates are for Windows roles or features that not everyone will have enabled.
It’s a big plate of updates, so let’s dig in:
Critical updates
MS17-006 (KB4013073) This is the monthly cumulative update for Internet Explorer versions 9, 10 and 11, running on all currently supported versions of Windows. It is rated critical for client operating systems and moderate for servers.
The update addresses 12 vulnerabilities. Vulnerability types include remote code execution, browser spoofing, elevation of privilege, information disclosure and security feature bypass, with memory corruption issues that can lead to RCE being the most serious. There are no mitigations or workarounds published.
The update fixes the problems by changing the way the browsers, JScript and VBScript handle objects in memory, parse HTTP responses, and restricting what information is returned to affected browsers.
MS17-007 (KB4013071) This is the monthly cumulative update for the Edge browser, running on Windows 10 and Server 2016. It’s rated critical for the client and moderate for the server.
The update addresses an impressive 32 vulnerabilities, which include a plethora of memory corruption issues that can be exploited for remote code execution, along with browser spoofing, elevation of privilege, information disclosure and security feature bypass. There is an interesting PDF memory corruption vulnerability by which Windows 10 systems with Edge set as default browser could be compromised simply by viewing a web site.
The update fixes the problems by changing the way the browsers, JScript and VBScript handle objects in memory, parse HTTP responses, and restricting what information is returned to affected browsers.
MS17-008 (KB4013082) This is an update for Hyper-V in Windows, running on all supported versions of Windows client and server operating systems. Some of these vulnerabilities affect the server core installation. It is rated critical for all.
The update addresses 11 vulnerabilities, which include remote code execution, denial of service, and information disclosure. In all cases, systems that do not have the Hyper-V role enabled are not affected.
The update fixes the problems by preventing out-of-bound memory access, correcting how Windows Hyper-V validates vSMB packet data, and correcting how Hyper-V validates guest operating system user input.
MS17-009 (KB4010319) This is an update for the Windows PDF Library in Windows 8.1 and RT 8.1, Windows 10, and Windows Server 2012, 2012 R2, and 2016. It is rated critical for all.
The update addresses a single vulnerability, which is a PDF memory corruption issue (also addressed and discussed in the cumulative browser update above). Windows 10 systems with Microsoft Edge set as the default browser can be compromised simply by viewing a website. The browsers for other affected operating systems do not automatically render PDF content, so an attacker would have no way to force users to view attacker-controlled content.
The update fixes the vulnerability by modifying how affected systems handle objects in memory.
MS17-010 (KB4013389) This is an update for the Windows SMB Server service in all supported versions of Windows, including RT and the server core installations. It is rated critical for both client and server operating systems.
The update addresses six vulnerabilities, which include five SMB remote code execution vulnerabilities and one SMB information disclosure issue. There is an identified workaround that involves disabling SMBv1 and is described in the security bulletin at https://technet.microsoft.com/library/security/MS17-010
The security update fixes the problems by correcting how SMBv1 handles specially crafted requests.
MS17-011 (KB4013076) This is an update for Uniscribe in all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, Windows 10, Windows 10 Version 1511, Windows 10 Version 1607, and Windows Server 2016. It is rated critical for all.
(Uniscribe is the Microsoft Windows set of services for rendering Unicode-encoded text).
The update addresses 29 vulnerabilities of both the remote code execution and information disclosure type. They could be exploited via web-based or file-sharing attacks. There are no identified mitigations or workarounds.
Microsoft Ms17 010 Patch Download
The update fixes the problems by correcting how the Windows Uniscribe handles objects in memory.
MS17-012 (KB4013078) This is an update for Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows 10 Version 1607 and Windows Server 2016, and Important for Windows Vista, Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, and Windows 10 Version 1511. It is rated critical for all.
The update addresses six vulnerabilities that include security feature bypass in Device Guard, denial of service issues in SMB 2.0 and 3.0 clients, and a remote code execution issue related to Windows DLL loading, along with a DNS query information disclosure issue, an elevation of privilege issue caused by the way Helpane.exe authenticates clients, and an iSNS Server memory corruption vulnerability.
The security update addresses the vulnerabilities by correcting how Device Guard validates certain elements of signed PowerShell scripts, correcting how the Microsoft SMBv2/SMBv3 Client handles specially crafted requests, correcting how Windows validates input before loading DLL files, modifying how Windows dnsclient handles requests, correcting how Helppane.exe authenticates the client, and modifying how the iSNS Server service parses requests.
MS17-013 (KB4013075) This is an update for the Microsoft graphics component in Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. It is rated critical for all.
The update addresses twelve vulnerabilities, which include multiple Windows GDI elevation of privilege issues, information disclosure vulnerabilities related to GDI, GDI+ and Microsoft Color Management, and multiple remote code execution vulnerabilities.
The update fixes the problems by correcting how GDI handles objects in memory and memory addresses and by preventing instances of unintended user-mode privilege elevation.
MS170023 (KB 4014329) This is an update for Adobe Flash Player installed on IE 10 and 11 and the Edge browser running on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016. It is rated critical for all.
The update addresses seven vulnerabilities in the Flash Player software that include a buffer overflow vulnerability that could lead to code execution, memory corruption vulnerabilities that could lead to code execution, a random number generator vulnerability used for constant blinding that could lead to information disclosure, and use-after-free vulnerabilities that could lead to code execution.
There are mitigations and workarounds for those who are unable to apply the update. These are described in the security bulletin at https://technet.microsoft.com/library/security/MS17-023
Important updates
MS17-014 (KB4013241) This is an update for Microsoft Office 2007, 2010, 2013, 2013 RT and 2016, Office for Mac 2011 and 2016, Office Services and Web Apps,Microsoft Server Software,
Microsoft Communications Platforms and Software. It is rated important for all.
Microsoft Communications Platforms and Software. It is rated important for all.
The update addresses seven memory corruption vulnerabilities, two information disclosure issues, a denial of service vulnerability, a SharePoint XSS vulnerability and a Lync for Mac certificate validation issue, for a total of twelve vulnerabilities.
The update fixes the problems by correcting how Office handles objects in memory, changing the way certain functions handle objects in memory, properly initializing the affected variable, helping to ensure that SharePoint Server properly sanitizes web requests, and correcting how the Lync for Mac 2011 client validates certificates.
MS17-015 (KB4013242) This is an update for the Outlook Web Access component in Microsoft Exchange Server 2013 and 2016. It is rated important for both.
The update addresses a single elevation of privilege vulnerability caused by the way OWA handles web requests. There are no identified mitigations or workarounds.
The update fixes the problem by correcting how Exchange validates web requests.
MS17-016 (KB4013074) This is an update for the Internet Information Services (IIS) web server component in all supported versions of Windows client and server operating systems. It is rated important for all.
The update addresses a single cross site scripting (XSS) issue caused when Microsoft IIS Server fails to properly sanitize a specially crafted request. There are no identified mitigations or workarounds.
The update fixes the problem by correcting how Microsoft IIS Server sanitizes web requests.
MS17-017 (KB4013081) This is an update for the Windows kernel in all supported versions of Windows client and server operating systems. It is rated important for all.
The update addresses four separate EoP vulnerabilities, the exploitation of which could enable an attacker to run processes in an elevated context. There are no identified mitigations or workarounds.
The update fixes the problem by correcting how the Windows Kernel API validates input, correcting how the Transaction Manager handles objects in memory, correcting the way that Windows validates the buffer lengths, and helping to ensure that the Windows Kernel API properly handles objects in memory.
MS17-018 (KB4013083) This is an update for the Windows kernel-mode drivers in all currently supported versions of the Windows client and server operating systems, including RT and the server core installations. It is rated important.
The update addresses eight specific vulnerabilities that occur when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. There are no identified mitigations or workarounds.
The update fixes the problems by correcting how the Windows kernel-mode driver handles objects in memory.
MS17-019 (KB4010320) This is an update the Active Directory Federation Services (AD FS) in supported releases of Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. It is rated important for all.
The update addresses a single information disclosure vulnerability that occurs when Windows Active Directory Federation Services (ADFS) honors XML External Entities. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. There are no identified mitigations or workarounds.
The update fixes the problem by causing ADFS to ignore malicious entities.
MS17-020 (KB3208223) Latest wow patch download. This is an update for Windows DVD Maker in Windows Vista and Windows 7. It is rated important for both.
Windows DVD Maker is a DVD authoring utility developed by Microsoft for Windows Vista and included in Windows 7 that allows users to create DVD slideshows and videos for playback on media devices such as a DVD player. It is not part of Windows 8 and above.
The update addresses a single cross-site request forgery vulnerability that is due to Windows DVD Maker failing to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. There are no identified mitigations or workarounds.
The update fixes the problem by correcting how Windows DVD Maker parses files.
MS17-021 (KB4010318) This is an update for DirectShow in all currently supported versions of Windows. It is rated important for all.
Windows DirectShow is an API and multimedia framework that provides a common interface for media across different programming languages. It replaced Video for Windows.
The update addresses an information disclosure vulnerability in DirectShow that is due to the way it handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. There are no identified mitigations or workarounds.
The update fixes the problem by correcting how Windows DirectShow handles objects in memory.
MS17-022 (KB4010321) This is an update for the Microsoft XML Core Services in all currently supported versions of Windows. It is rated important for all.
XML Core Services (MSXML) is a set of services that allow applications written in JScript, VBScript, and Microsoft development tools to build Windows-native XML-based applications. Some versions of Microsoft XML Core Services are included with Microsoft Windows; others are installed with non-operating system software from Microsoft or third-party providers. Some are also available as separate downloads.
The update addresses a single vulnerability that is due to improper handling of objects in memory. Successful exploitation of the vulnerability could allow the attacker to test for the presence of files on disk. There are no identified mitigations or workarounds.
The update fixes the problem by changing the way MSXML handles objects in memory.
You may also like:
Security Update for Microsoft Windows SMB Server (4013389)
Published: March 14, 2017
Version: 1.0
Executive Summary
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.
The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests.
For more information about the vulnerabilities, see the Vulnerability Information section.
For more information about this update, see Microsoft Knowledge Base Article 4013389.
Affected Software and Vulnerability Severity Ratings
The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.
The severity ratings indicated for each affected software assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin’s release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the March bulletin summary.
Note Please see the Security Update Guide for a new approach to consuming the security update information. You can customize your views and create affected software spreadsheets, as well as download data via a restful API. For more information, please see the Security Updates Guide FAQ. As a reminder, the Security Updates Guide will be replacing security bulletins. Please see our blog post, Furthering our commitment to security updates, for more details.
**Operating System** | [**Windows SMB Remote Code Execution Vulnerability – CVE-2017-0143**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0143) | [**Windows SMB Remote Code Execution Vulnerability – CVE-2017-0144**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0144) | [**Windows SMB Remote Code Execution Vulnerability – CVE-2017-0145**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0145) | [**Windows SMB Remote Code Execution Vulnerability – CVE-2017-0146**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0146) | [**Windows SMB Information Disclosure Vulnerability – CVE-2017-0147**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0147) | [**Windows SMB Remote Code Execution Vulnerability – CVE-2017-0148**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0148) | **Updates Replaced** |
**Windows Vista** | |||||||
[Windows Vista Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
[Windows Vista x64 Edition Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
**Windows Server 2008** | |||||||
[Windows Server 2008 for 32-bit Systems Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
[Windows Server 2008 for x64-based Systems Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
[Windows Server 2008 for Itanium-based Systems Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
**Windows 7** | |||||||
[Windows 7 for 32-bit Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012212) (4012212) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows 7 for 32-bit Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012215) (4012215) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3212646](https://support.microsoft.com/kb/3212646) |
[Windows 7 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012212) (4012212) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows 7 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012215) (4012215) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3212646](https://support.microsoft.com/kb/3212646) |
**Windows Server 2008 R2** | |||||||
[Windows Server 2008 R2 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012212) (4012212) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2008 R2 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012215) (4012215) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3212646](https://support.microsoft.com/kb/3212646) |
[Windows Server 2008 R2 for Itanium-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012212) (4012212) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2008 R2 for Itanium-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012215) (4012215) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3212646](https://support.microsoft.com/kb/3212646) |
**Windows 8.1** | |||||||
[Windows 8.1 for 32-bit Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012213) (4012213) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows 8.1 for 32-bit Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012216) (4012216) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205401](https://support.microsoft.com/kb/3205401) |
[Windows 8.1 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012213) (4012213) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows 8.1 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012216) (4012216) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205401](https://support.microsoft.com/kb/3205401) |
**Windows Server 2012 and Windows Server 2012 R2** | |||||||
[Windows Server 2012](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012214) (4012214) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2012](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012217) (4012217) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205409](https://support.microsoft.com/kb/3205409) |
[Windows Server 2012 R2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012213) (4012213) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2012 R2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012216) (4012216) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205401](https://support.microsoft.com/kb/3205401) |
**Windows RT 8.1** | |||||||
Windows RT 8.1[2](4012216) Monthly Rollup | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205401](https://support.microsoft.com/kb/3205401) |
**Windows 10** | |||||||
[Windows 10 for 32-bit Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012606)[3](4012606) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3210720](https://support.microsoft.com/en-us/kb/3210720) |
[Windows 10 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012606)[3](4012606) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3210720](https://support.microsoft.com/en-us/kb/3210720) |
[Windows 10 Version 1511 for 32-bit Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013198)[3](4013198) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3210721](https://support.microsoft.com/en-us/kb/3210721) |
[Windows 10 Version 1511 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013198)[3](4013198) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3210721](https://support.microsoft.com/en-us/kb/3210721) |
[Windows 10 Version 1607 for 32-bit Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013429)[3](4013429) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3213986](https://support.microsoft.com/en-us/kb/3213986) |
[Windows 10 Version 1607 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013429)[3](4013429) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3213986](https://support.microsoft.com/en-us/kb/3213986) |
**Windows Server 2016** | |||||||
[Windows Server 2016 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013429)[3](4013429) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3213986](https://support.microsoft.com/en-us/kb/3213986) |
**Server Core installation option** | |||||||
[Windows Server 2008 for 32-bit Systems Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (Server Core installation) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
[Windows Server 2008 for x64-based Systems Service Pack 2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012598) (Server Core installation) (4012598) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | 3177186 in [MS16-114](http://go.microsoft.com/fwlink/?linkid=824826) |
[Windows Server 2008 R2 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012212) (Server Core installation) (4012212) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2008 R2 for x64-based Systems Service Pack 1](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012215) (Server Core installation) (4012215) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3212646](https://support.microsoft.com/kb/3212646) |
[Windows Server 2012](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012214) (Server Core installation) (4012214) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2012](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012217) (Server Core installation) (4012217) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205409](https://support.microsoft.com/kb/3205409) |
[Windows Server 2012 R2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012213) (Server Core installation) (4012213) Security Only[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | None |
[Windows Server 2012 R2](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4012216) (Server Core installation) (4012216) Monthly Rollup[1] | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3205401](https://support.microsoft.com/kb/3205401) |
[Windows Server 2016 for x64-based Systems](http://catalog.update.microsoft.com/v7/site/search.aspx?q=kb4013429)[3](Server Core installation) (4013429) | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Critical** Remote Code Execution | **Important** Information Disclosure | **Critical** Remote Code Execution | [3213986](https://support.microsoft.com/en-us/kb/3213986) |
[2]This update is only available via Windows Update.
[3] Windows 10 and Windows Server 2016 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. Please note that effective December 13, 2016, Windows 10 and Windows Server 2016 details for the Cumulative Updates will be documented in Release Notes. Please refer to the Release Notes for OS Build numbers, Known Issues, and affected file list information.
*The Updates Replaced column shows only the latest update in any chain of superseded updates. For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is provided on the Package Details tab).
Vulnerability Information
Multiple Windows SMB Remote Code Execution Vulnerabilities
Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.
To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server.
The security update addresses the vulnerabilities by correcting how SMBv1 handles these specially crafted requests.
The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:
**Vulnerability title** | **CVE number** | **Publicly disclosed** | **Exploited** |
Windows SMB Remote Code Execution Vulnerability | [CVE-2017-0143](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0143) | No | No |
Windows SMB Remote Code Execution Vulnerability | [CVE-2017-0144](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0144) | No | No |
Windows SMB Remote Code Execution Vulnerability | [CVE-2017-0145](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0145) | No | No |
Windows SMB Remote Code Execution Vulnerability | [CVE-2017-0146](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0146) | No | No |
Windows SMB Remote Code Execution Vulnerability | [CVE-2017-0148](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0148) | No | No |
**Vulnerability title** | **CVE number** | **Publicly disclosed** | **Exploited** |
Windows SMB Information Disclosure Vulnerability | [CVE-2017-0147](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0147) | No | No |
For Security Update Deployment information, see the Microsoft Knowledge Base article referenced here in the Executive Summary.
Acknowledgments
Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.
Disclaimer
The information provided in the Microsoft Knowledge Base is provided 'as is' without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Ms17 010 Patch Download Windows 7
Revisions
- V1.0 (March 14, 2017): Bulletin published.
Ms17 010 Patch Download
Page generated 2017-05-08 07:15-07:00.