Microsoft plugs 53 vulnerabilities on Patch Tuesday

Posted on Wednesday, November 15 2017 @ 15:32 CET by Thomas De Maesschalck
MS logo
Yesterday was the second Tuesday of the month so that means we had another dose of Patch Tuesday. This month there were updates for a total of 53 security bugs in Microsoft software, these targeted the Windows operating system itself, as well as Edge, Office, .NET and more.

Highlights include 25 updates for remote execution bugs, including patches for some dangerous Office flaws.
The Patch Tuesday updates also include two security advisories, one delivering today's Flash updates, and the second, delivering various security-related patches to Office products, part of the Microsoft's Office Defense in Depth Update series.

Besides these, two other security fixes stand out. The first is CVE-2017-11830, a vulnerability that allows attackers to bypass the Windows Device Guard security feature, and CVE-2017-11887, a vulnerability that allows attackers to bypass macro execution protection in Microsoft Excel. Expect CVE-2017-11887 to become a favorite with malware distributors in the following weeks.
Security firm Embedi has some more on the updates that affect third-party and legacy code of Office. This includes a vulnerability in the old Equation Editor, an obsolete feature still found in the latest versions of Office.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.


Loading Comments

Share this story!

Latest news

Latest reviews