It was the second Tuesday of the month, and Microsoft held its traditional Patch Tuesday, fixing no fewer than 82 vulnerabilities in its products at once.
In this September edition, the company moved quickly to fix a security flaw that was already being used in government-sponsored espionage attacks.
The vulnerability was part of the .NET Framework and was considered a "zero-day", that is, unknown but already exploited in attacks. Through the flaw, it was possible to send targets documents in Rich Text format capable of injecting malicious code once opened by the victims. According to analysis by the security company FireEye, the attack vector was detected in an operation monitoring Russian users and, once the infection took hold, it loaded a surveillance module developed by Gamma Group, a German startup specializing in state spyware.
FireEye detected the problem at the end of July and reported the vulnerability confidentially to Microsoft. In the security bulletin associated with the problem, Microsoft recognizes the vulnerability as important and warns that it affects all versions of Windows.
The recommendation is that users install the fixes immediately, since cybercriminals can and likely will use this security flaw to conduct attacks in the future, hoping to hit outdated systems on a large scale.
Here is the complete list of fixes published in this Patch Tuesday:
Product | CVE / Advisory | Issue |
---|---|---|
.NET Framework | CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability |
Adobe Flash Player | ADV170013 | September 2017 Flash Security Update |
Device Guard | CVE-2017-8746 | Device Guard Security Feature Bypass Vulnerability |
HoloLens | CVE-2017-9417 | Broadcom BCM43xx Remote Code Execution Vulnerability |
Internet Explorer | CVE-2017-8749 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2017-8747 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2017-8733 | Internet Explorer Spoofing Vulnerability |
Microsoft Bluetooth Driver | CVE-2017-8628 | Microsoft Bluetooth Driver Spoofing Vulnerability |
Microsoft Browsers | CVE-2017-8736 | Microsoft Browser Information Disclosure Vulnerability |
Microsoft Browsers | CVE-2017-8750 | Microsoft Browser Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8757 | Microsoft Edge Remote Code Execution Vulnerability |
Microsoft Edge | CVE-2017-8597 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2017-8723 | Microsoft Edge Security Feature Bypass Vulnerability |
Microsoft Edge | CVE-2017-11766 | Microsoft Edge Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8643 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2017-8648 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2017-8735 | Microsoft Edge Spoofing Vulnerability |
Microsoft Edge | CVE-2017-8755 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8754 | Microsoft Edge Security Feature Bypass Vulnerability |
Microsoft Edge | CVE-2017-8751 | Microsoft Edge Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8734 | Microsoft Edge Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8724 | Microsoft Edge Spoofing Vulnerability |
Microsoft Edge | CVE-2017-8731 | Microsoft Edge Memory Corruption Vulnerability |
Microsoft Edge | CVE-2017-8756 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Exchange Server | CVE-2017-11761 | Microsoft Exchange Information Disclosure Vulnerability |
Microsoft Exchange Server | CVE-2017-8758 | Microsoft Exchange Cross-Site Scripting Vulnerability |
Microsoft Graphics Component | CVE-2017-8688 | Windows GDI+ Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2017-8685 | Windows GDI+ Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2017-8695 | Graphics Component Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2017-8683 | Win32k Graphics Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2017-8696 | Microsoft Graphics Component Remote Code Execution |
Microsoft Graphics Component | CVE-2017-8684 | Windows GDI+ Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2017-8682 | Win32k Graphics Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2017-8720 | Win32k Elevation of Privilege Vulnerability |
Microsoft Graphics Component | CVE-2017-8676 | Windows GDI+ Information Disclosure Vulnerability |
Microsoft Office | CVE-2017-8632 | Microsoft Office Memory Corruption Vulnerability |
Microsoft Office | CVE-2017-8725 | Microsoft Office Publisher Remote Code Execution |
Microsoft Office | CVE-2017-8630 | Microsoft Office Memory Corruption Vulnerability |
Microsoft Office | CVE-2017-8743 | PowerPoint Remote Code Execution Vulnerability |
Microsoft Office | CVE-2017-8742 | PowerPoint Remote Code Execution Vulnerability |
Microsoft Office | CVE-2017-8745 | Microsoft SharePoint Cross Site Scripting Vulnerability |
Microsoft Office | CVE-2017-8744 | Microsoft Office Memory Corruption Vulnerability |
Microsoft Office | CVE-2017-8567 | Microsoft Office Remote Code Execution |
Microsoft Office | ADV170015 | Microsoft Office Defense in Depth Update |
Microsoft Office | CVE-2017-8629 | Microsoft SharePoint XSS Vulnerability |
Microsoft Office | CVE-2017-8631 | Microsoft Office Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8738 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8729 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8739 | Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2017-8740 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8741 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8649 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8660 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8748 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-11764 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8752 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2017-8753 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Uniscribe | CVE-2017-8692 | Uniscribe Remote Code Execution Vulnerability |
Microsoft Windows | CVE-2017-8699 | Windows Shell Remote Code Execution Vulnerability |
Microsoft Windows | CVE-2017-8710 | Windows Information Disclosure Vulnerability |
Microsoft Windows | CVE-2017-8716 | Windows Security Feature Bypass Vulnerability |
Microsoft Windows | CVE-2017-8702 | Windows Elevation of Privilege Vulnerability |
Microsoft Windows PDF | CVE-2017-8737 | Microsoft PDF Remote Code Execution Vulnerability |
Microsoft Windows PDF | CVE-2017-8728 | Microsoft PDF Remote Code Execution Vulnerability |
Windows DHCP Server | CVE-2017-8686 | Windows DHCP Server Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2017-8712 | Hyper-V Information Disclosure Vulnerability |
Windows Hyper-V | CVE-2017-8713 | Hyper-V Information Disclosure Vulnerability |
Windows Hyper-V | CVE-2017-8714 | Remote Desktop Virtual Host Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2017-8711 | Hyper-V Information Disclosure Vulnerability |
Windows Hyper-V | CVE-2017-8707 | Hyper-V Information Disclosure Vulnerability |
Windows Hyper-V | CVE-2017-8704 | Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2017-8706 | Hyper-V Information Disclosure Vulnerability |
Windows Kernel | CVE-2017-8719 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2017-8708 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2017-8679 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2017-8709 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8687 | Win32k Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8681 | Win32k Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8675 | Win32k Elevation of Privilege Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8678 | Win32k Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8677 | Win32k Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2017-8680 | Win32k Information Disclosure Vulnerability |
Windows NetBIOS | CVE-2017-0161 | NetBIOS Remote Code Execution Vulnerability |