Cisco Blogs
Share

Microsoft Patch Tuesday – January 2017

- January 10, 2017 - 0 Comments

Happy New Year to our readers! Today marks the first Patch Tuesday of 2017 with Microsoft releasing their monthly set of bulletins designed to address security vulnerabilities. This month’s release is relatively light with 4 bulletins addressing 3 vulnerabilities. Two bulletins are rated critical and address vulnerabilities in Office and Adobe Flash Player while the other two are rated important and address vulnerabilities Edge and the Local Security Authority Subsystem Service.

Bulletins Rated Critical

Microsoft bulletins MS17-002 and MS17-003 are rated critical.

MS17-002 addresses CVE-2017-0003, an arbitrary code execution vulnerability in Microsoft Office 2016. Specifically, Microsoft Word 2016 and Microsoft SharePoint Enterprise Server 2016 are affected. This vulnerability manifests in the way Office handles objects in memory. Exploitation of this flaw is achievable if, for example, a user opens a specifically crafted Word document received via email or downloaded from a site hosting a specifically crafted document.

Read more »

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

Share