Microsoft July Patch Tuesday: Windows NTLM fix

Microsoft’s July 2017 Patch Tuesday addresses more than 50 vulnerabilities in various Microsoft products/services, including 19 critical flaws and a much needed fix for Windows NTLM.

Most of the critical vulnerabilities patched involve client-side systems. There are 14 separate RCE issues being addressed in Microsoft Edge, 5 for Internet Explorer, and 3 for Adobe Flash Player. A patch for the critical RCE bug (CVE-2017-3099) in Adobe Flash Player was on of the 3. Of the 54 Microsoft CVEs addressed, 33 are for Edge and 14 to Internet Explorer.

One of the top security issues tackled in Patch Tuesday was CVE-2017-8589 — a vulnerability in the Windows Search service that can be exploited via the Windows Server Message Block (SMB) protocol. This Windows exploit allows the attacker to have total contol of the target system, servers, and workstations.

System effected are Windows Server 2016, 2012, 2008 R2, 2008 as well as desktop systems like Windows 10, 7 and 8.1