Hello, welcome to the Wednesday, July 12th, 2017 edition of the Sands and at Storm Center's Stormcast. My name is Johannes Ulrich and I'm recording from Stockholm, Germany.

Well, with a patch Tuesday, let's first cover that part quickly. Microsoft released fixes for a total of 57 vulnerabilities, 19 of which Microsoft

rated as critical and 24 allowed for remote code execution.

Now out of these 57 vulnerabilities, four are actually already publicly known.

The publicly known ones are actually not the ones that I would consider the most critical

in this release.

The first one and the only publicly known vulnerability that Microsoft considers critical is

a remote code execution vulnerability in HoloLens that's Microsoft's

VR gear not very commonly used so I don't really see it as that super important

the next to public known vulnerabilities are spoofing vulnerabilities in Internet

Explorer and Microsoft Edge. Now, these

vulnerabilities can be used to impersonate another website. So again, nothing that's

super critical. Microsoft only rates them as important and moderate. The fourth one is a denial

of service vulnerability in Windows Explorer.

While annoying, I don't think it takes much of an exploit to crash any modern browser.

Now, the one that really confused me the most was CV 2017-85-89. This is a remote code execution vulnerability in Windows search. Now, we had a patch

for Windows search last month, and that was a vulnerability that was actually being already

exploited. So, was a little bit confused to see this again here?

Looks, according to the CVE, like a different vulnerability.

And Microsoft states that this vulnerability has not yet been exploited.

But this would probably be the one that I would fix first,

because it is somewhat remote exploitable if you do allow outbound

...