It was a busy month this month with a total of 48 security issues fixed. All of these have a severity of Critical or Important with Remote Code Execution vulnerabilities again figuring highly, particularly for Microsoft Edge.

There were also a few publicly disclosed vulnerabilities that were fixed, including CVE-2017-8633 (Privilege Escalation with Windows Error Reporting). None of the disclosed vulnerabilities have publicly known exploits as of writing.

Another critical Adobe Flash Player RCE vulnerability has been fixed (ADV170010).

Also of note were a few revisions to CVE-2017-0071, CVE-2017-0228, and CVE-2017-0299 that will require the installation of July (CVE-2017-0071) and August (CVE-2017-0228 and CVE-2017-0299) patches to ensure you are fully protected.

We were waiting to see if Microsoft would release any patches for the recently disclosed SMBLoris vulnerability in this release, but they don't seem to have taken any action to fix in this round of patches.

Finally, this is the first time we have seen vulnerabilities patched on the Linux subsystem under Windows. Since its introduction, it was only a matter of time: CVE-2017-8627 (Dos) and CVE-2017-8622 (Privilege Escalation) are the first of their kind.