Highlights include 25 updates for remote execution bugs, including patches for some dangerous Office flaws.
The Patch Tuesday updates also include two security advisories, one delivering today's Flash updates, and the second, delivering various security-related patches to Office products, part of the Microsoft's Office Defense in Depth Update series.Security firm Embedi has some more on the updates that affect third-party and legacy code of Office. This includes a vulnerability in the old Equation Editor, an obsolete feature still found in the latest versions of Office.
Besides these, two other security fixes stand out. The first is CVE-2017-11830, a vulnerability that allows attackers to bypass the Windows Device Guard security feature, and CVE-2017-11887, a vulnerability that allows attackers to bypass macro execution protection in Microsoft Excel. Expect CVE-2017-11887 to become a favorite with malware distributors in the following weeks.