Microsoft Patch Tuesday - April

Microsoft has released April's Patch Tuesday in the new Security Update Guide format. There are 61 security updates for products such as its operating systems, browsers, the Office suite, and others.

Threat ID:: CC-1327
Category:
Threat Severity:: Medium
Threat Vector:: Zero day
Published:: 12 April 2017 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

Microsoft has released April's Patch Tuesday in the new Security Update Guide format. There are 61 security updates for products such as its operating systems, browsers, the Office suite, and others.

Affected platforms

The following platforms are known to be affected:

Adobe Flash Player

Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Visual Studio for Mac
NET Framework
Silverlight
Adobe Flash Player

Threat details

This month's Patch Tuesday see's the retirement of the security bulletins format (MS17-XXX) in favor of a new searchable database that lists individual updates (KBxxxxxxx) one by one.

This update also patches a notable zero-day disclosed over the weekend, tracked as CVE-2017-0199.

The last security updates for Vista are also included, because as of today, Microsoft has stopped all support (free and paid) for the Operating System.

Remediation steps

Type	Step
	Ensure patches are prioritised and rolled out highest risk first at the earliest available opportunity. Relevant logs and other audit trails should be inspected for any indication of access via disclosed and known 0-day vulnerabilities that could have happened prior to patch application. Additional mitigation should be sought to protect devices from future 0-day releases such as these, for example limiting access to devices from untrusted locations, disabling automatic loading of Flash material, strict mail filters with blocks in place to prevent certain non-required file types from being allowed onto the estate etc. Good privilege controls restricting users to the lowest level of access required can prove an effective mitigation strategy, thereby seriously reducing the potential impact. Ensure staff awareness is rolled out and refreshed to ensure staff are informed about the dangers of malicious websites and attachments.

Type

Step

Ensure patches are prioritised and rolled out highest risk first at the earliest available opportunity.

Relevant logs and other audit trails should be inspected for any indication of access via disclosed and known 0-day vulnerabilities that could have happened prior to patch application.

Additional mitigation should be sought to protect devices from future 0-day releases such as these, for example limiting access to devices from untrusted locations, disabling automatic loading of Flash material, strict mail filters with blocks in place to prevent certain non-required file types from being allowed onto the estate etc.

Good privilege controls restricting users to the lowest level of access required can prove an effective mitigation strategy, thereby seriously reducing the potential impact.

Ensure staff awareness is rolled out and refreshed to ensure staff are informed about the dangers of malicious websites and attachments.

CVE Vulnerabilities

Status

CVE-2017-0199

Last edited: 17 February 2020 11:35 am