Microsoft security updates – Out-of-Band

Number: AV17-114
Date: 28 July 2017

Purpose

The purpose of this advisory is to bring attention to recently released Microsoft Security Updates. This update resolves vulnerabilities that could allow remote code execution if a user opens a specially crafted Office file.

Assessment

The summary covers multiple out-of-band support package deployments addressing multiple vulnerabilities in various Microsoft products.

Affected Products:

  • Microsoft Outlook 2007 Service Pack 3  
  • Microsoft Office 2010 Click-to-Run (C2R) for 64-bit editions
  • Microsoft Office 2010 Click-to-Run (C2R) for 32-bit editions           
  • Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
  • Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 
  • Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions  
  • Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions   
  • Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
  • Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions  
  • Microsoft Outlook 2016 (64-bit edition)    
  • Microsoft Outlook 2016 (32-bit edition) 

CVE References: CVE-2017-8571, CVE-2017-8572, CVE-2017-8663

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

Date modified: