Weekly Infosec News Brief: 10-16 July 2017
Microsoft Issues Updates for 19 Critical Vulnerabilities on Patch Tuesday This month's Patch Tuesday saw Microsoft issue updates for 55 vulnerabilities in all, 19 of which were classified as critical. Several of the critical patches are for Internet Explorer 11, including some that could allow an attacker to remotely execute code against a vulnerable machine. An Office vulnerability (CVE-2017-8570) was also patched; the vulnerability could allow a malicious document to run arbitrary malicious code when a user opens a specially-crafted document. Another vulnerability (CVE-2017-8563), this one is the NTLM authentication protocol has engendered a lot of discussion. The key here is not just to patch, but also to ensure that SMB signing is enabled in your domain, and that Kerberos, rather than NTLM, is your primary authentication mechanism. SANS/ISC Summary of July 2017 Microsoft Updates Microsoft July 2017 Security Update Summary Adobe Releases New Version of Flash Player to