Microsoft December Patch Tuesday Fixes 34 Security Issues (several products affected)

LASER_oneXM

Level 27
Content Creator
Joined
Feb 4, 2016
Messages
1,614
OS
Windows 8.1
Antivirus
Kaspersky
#1
Microsoft has released security updates as part of its monthly Patch Tuesday release train, and this month, the company has patched 34 issues affecting products such as:

- Microsoft Windows
- Microsoft Office
- Microsoft Office Services and Web Apps
- Microsoft Exchange Server
- Microsoft Malware Protection Engine
- Internet Explorer
- Microsoft Edge
- ChakraCore

None of the security issues Microsoft fixed this month were publicly disclosed or exploited in real-world attacks before updates were released earlier today.

Of all bugs, two remote code execution bugs in the Microsoft Malware Protection Engine stand out —CVE-2017-11937 and CVE-2017-11940.
Both issues were reported by the UK National Cyber Security Centre (NCSC), a branch of the UK Government Communications Headquarters (GCHQ), the country's official intelligence and security agency.
Bleeping Computer ran an article on one of the issues last week when Microsoft shipped an out-of-band update to fix the bug, which is now also included as an update part of the December 2017 Patch Tuesday.
Below is a table listing of all the security issues fixed this month. We used PowerShell and the Microsoft API to assemble the table below, but the report is much longer. We hosted the full report on GitHub, here.

If you're not interested in all security updates and you'd like to filter updates per product, you can use Microsoft's official Security Update Guide, available here.
...
......
...
........
........
.............
 

BoraMurdar

Super Moderator
MalwareTips Staff
Joined
Aug 30, 2012
Messages
6,007
OS
Windows 10
Antivirus
Emsisoft
#2
If you're on Windows 10 version 1709, or the Fall Creators Update, PCs will receive KB4054517, or build 16299.125. You can manually download it here. Here's what's been fixed:
  • Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge.
  • Addresses issue where Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode.
  • Addresses issue to reset PLC bit on U0/U3 transitions.
  • Addresses issue with personalized Bluetooth devices that don't support bonding.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 88 languages.
  • Addresses issue where the touch keyboard for a third-party Input Method Editor (IME) has no IME ON/OFF key.
  • Addresses additional issues with updated time zone information.
  • Addresses issue where, when using System Center Virtual Machine Manager (VMM), the user can't copy or clone virtual machines (VM). The error message is "0x80070057- Invalid parameter". This issue affects the VMM UI and PowerShell scripts used for VM cloning and copying.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.
As you can see, it's not the biggest list of changes this month, but the good news is that there are no known issues.
According to the Windows 10 Update History, Windows phones on version 1709 should get build 15254.124, although the changelog isn't available. Presumably, it just has minor fixes.

PCs and phones on version 1703, or the Creators Update, will see KB4053580, or 15063.786. You can manually grab it here, and here's what changed:
  • Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge.
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses issue that caused Windows Pro devices on the Current Branch for Business (CBB) to upgrade unexpectedly.
  • Addresses issue where applications may stop responding for customers who have internet or web proxies enabled using PAC script configurations. This is a result of a reentrancy deadlock in WinHTTP.dll. This can result in the following:
    • Microsoft Outlook can't connect to Microsoft Office365.
    • Internet Explorer and Microsoft Edge can't render any content (including local computer content, local network content, or web content).
    • Cisco Jabber stops responding, which blocks messaging and telephony features.
  • Any application or service that relies on WinHTTP is affected.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.
Again, there are no known issues in KB4053580, or any of the other updates, for that matter.

KB4053579, or build 14393.1944, is also available for PCs and phones, and that's for those on version 1607, or the Anniversary Update. You can manually grab it here. Here's what got fixed:
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Addresses issue where, after you install KB4041688, KB4052231, or KB4048953, the error "CDPUserSvc_XXXX has stopped working" appears. Additionally, this resolves the logging of Event ID 1000 in the Application event log. It notes that svchost.exe_CDPUserSvc_XXXX stopped working and the faulting module name is "cdp.dll".
  • Security updates to the Microsoft Scripting Engine and Microsoft Edge.
For those on version 1511, KB4053578, or build 10586.1295, is PC-only. You can manually download it here, and here's what changed:
  • Addresses additional issues with updated time zone information.
  • Addresses issue that affected some Epson SIDM (Dot Matrix) and TM (POS) printers, which were failing to print on x86-based and x64-based systems. This issue affects KB4048952.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.
Finally, those on the original version of Windows 10 will get KB4053581, or build 10240.17709, and that can be manually downloaded here. Here's what's new:
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Addresses issue that affected some Epson SIDM (Dot Matrix) and TM (POS) printers, which were failing to print on x86-based and x64-based systems. This issue affects KB4048956.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.
Unlike with previous months, none of these updates contain a huge laundry list of features. Of course, this is also the first month in a long time where there are no known issues.
Of course, you don't need to use any of the manual download links to get today's update. Users can head over to Settings -> Update & security -> Windows Update -> Check for updates, and your device will download the version that corresponds to the version that you're using.

For those on Windows 8.1 or Windows Server 2012 R2, you'll get KB4054519, which is the December Monthly Rollup. You can manually download it here, and it contains the following fixes:
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.
There's also a security-only build, KB4054522, which only contains the latter two fixes. You can download that here.

For those that are on the original release of Windows Server 2012, you'll get KB4054520. You can manually grab it here. Here's what's been fixed:
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server
The security-only update, KB4054523, contains the exact same changelog, but you can grab that here.

Finally, if you're still holding out on Windows 7 or Windows Server 2008 R2 SP1, you'll get KB4054518, which can be manually downloaded here. Here's what's fixed:
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.
You might be noticing a pattern here, in which case you can probably guess that the security-only update, KB4054521, only contains the latter two changes. You can grab that here.
None of today's updates contain any known issues.