In this month, May 2017, Microsoft has published fifty six vulnerabilities in which more than thirty vulnerabilities are rated as critical. While classifying the vulnerabilities based on their severity, the high rated vulnerabilities are much higher than the medium rated and the lower rated vulnerabilities.
Another important classification is based on their nature of exploitability, we find that locally exploited vulnerabilities are more in number than the remotely exploitable ones.
In contrast to the previous month, While classifying the vulnerabilities based on authentication, the vulnerabilities that does not require authentication are much higher than the vulnerabilities that require authentication.
| No | CVE Number | Vulnerability Type | Affected Products |
| 1 | CVE-2017-0226 | Memory Corruption Vulnerability | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 |
| 2 | CVE-2017-0064 | Security Bypass Vulnerability | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 |
| 3 | CVE-2017-0222 | Memory Corruption Vulnerability | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 |
| 4 | CVE-2017-0221 | Memory Corruption Vulnerability | Microsoft Edge |
| 5 | CVE-2017-0240 | Memory Corruption Vulnerability | Microsoft Edge |
| 6 | CVE-2017-0224 | Memory Corruption Vulnerability | Microsoft Edge |
| 7 | CVE-2017-0229 | Memory Corruption Vulnerability | Microsoft Edge |
| 8 | CVE-2017-0230 | Memory Corruption Vulnerability | Microsoft Edge |
| 9 | CVE-2017-0234 | Memory Corruption Vulnerability | Microsoft Edge |
| 10 | CVE-2017-0235 | Memory Corruption Vulnerability | Microsoft Edge |
| 11 | CVE-2017-0236 | Memory Corruption Vulnerability | Microsoft Edge |
| 12 | CVE-2017-0227 | Memory Corruption Vulnerability | Microsoft Edge |
| 13 | CVE-2017-0266 | Remote Code Execution Vulnerability | Microsoft Edge |
| 14 | CVE-2017-0241 | Privilege Escalation Vulnerability | Microsoft Edge |
| 15 | CVE-2017-0233 | Privilege Escalation Vulnerability | Microsoft Edge |
| 16 | CVE-2017-0228 | Memory Corruption Vulnerability | Microsoft Edge Microsoft Internet Explorer 11 |
| 17 | CVE-2017-0238 | Memory Corruption Vulnerability | Microsoft Edge Microsoft Internet Explorer 11 |
| 18 | CVE-2017-0231 | Privilege Escalation Vulnerability | Microsoft Edge Microsoft Internet Explorer 11 |
| 19 | CVE-2017-0281 | Remote Code Execution Vulnerability | Microsoft Office Web Apps Server 2013 SP1 Microsoft Office Web Apps Server 2010 SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 SP2 Microsoft Office 2013 SP1 Microsoft Skype for Business 2016 Microsoft Word 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Server 2016 Microsoft SharePoint Enterprise Server 2013 Microsoft Project Server 2013 SP1 Microsoft Office 2016 Microsoft Office Online Server 2016 |
| 20 | CVE-2017-0254 | Memory Corruption Vulnerability | Microsoft Word Viewer Microsoft Word Automation Services Microsoft Word 2016 Microsoft Word 2013 SP1 Microsoft Word 2013 RT SP1 Microsoft Word 2010 SP2 Microsoft Word 2007 SP3 Microsoft SharePoint Server 2016 Microsoft Office Web Apps Server 2013 SP1 Microsoft Office Web Apps Server 2010 SP2 Microsoft Office Compatibility Pack SP3 Microsoft Office 2010 SP2 |
| 21 | CVE-2017-0261 | Remote Code Execution Vulnerability | Microsoft Office 2016 Microsoft Office 2013 SP1 Microsoft Office 2010 SP2 |
| 22 | CVE-2017-0255 | Security Bypass Vulnerability | Microsoft SharePoint Foundation 2013 SP1 |
| 23 | CVE-2017-0262 | Remote Code Execution Vulnerability | Microsoft Office 2013 Service Pack 1 Microsoft Office 2016 Microsoft Office 2010 Service Pack 2 Microsoft Office 2013 RT Service Pack 1 |
| 24 | CVE-2017-0265 | Memory Corruption Vulnerability | Microsoft PowerPoint for Mac 2011 |
| 25 | CVE-2017-0264 | Memory Corruption Vulnerability | Microsoft PowerPoint for Mac 2011 |
| 26 | CVE-2017-0248 | Remote Code Execution Vulnerability | Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 |
| 27 | CVE-2017-0212 | Privilege Escalation Vulnerability | Microsoft Windows 10 Microsoft Windows Server 2016 |
| 28 | CVE-2017-0272 | Security Bypass Vulnerability | Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 R2 SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 7 Microsoft Windows RT 8.1 |
| 29 | CVE-2017-0277 | Remote Code Execution Vulnerability |
Microsoft Windows 10 |
| 30 | CVE-2017-0278 | Remote Code Execution Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 31 | CVE-2017-0279 | Remote Code Execution Vulnerability | Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 |
| 32 | CVE-2017-0267 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 R2 |
| 33 | CVE-2017-0268 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 34 | CVE-2017-0270 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 35 | CVE-2017-0271 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 36 | CVE-2017-0274 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 37 | CVE-2017-0275 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 38 | CVE-2017-0276 | Information Disclosure Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
| 39 | CVE-2017-0269 | Denial of Service Vulnerability | Microsoft Windows 10 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 |
| 40 | CVE-2017-0273 | Denial of Service Vulnerability | Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 R2 SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 7 Microsoft Windows RT 8.1 |
| 41 | CVE-2017-0280 | Denial of Service Vulnerability | Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 R2 SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 7 Microsoft Windows RT 8.1 |
| 42 | CVE-2017-0246 | Privilege Escalation Vulnerability |
Microsoft Windows 10 |
| 43 | CVE-2017-0244 | Privilege Escalation Vulnerability |
Microsoft Windows Server 2008 SP2 |
| 44 | CVE-2017-0175 | Information Disclosure Vulnerability |
Microsoft Windows Server 2008 SP2 |
| 45 | CVE-2017-0220 | Information Disclosure Vulnerability |
Microsoft Windows 7 |
| 46 | CVE-2017-0258 | Information Disclosure Vulnerability |
Microsoft Windows 10 |
| 47 | CVE-2017-0259 | Information Disclosure Vulnerability |
Microsoft Windows Server 2012 R2 |
| 48 | CVE-2017-0077 | Privilege Escalation Vulnerability |
Microsoft Windows 10 |
| 49 | CVE-2017-0245 | Information Disclosure Vulnerability |
Microsoft Windows 7 SP1 |
| 50 | CVE-2017-0263 | Privilege Escalation Vulnerability |
Microsoft Windows 10 |
| 51 | CVE-2017-0171 | Denial of Service Vulnerability |
Microsoft Windows Server 2008 SP2 |
| 52 | CVE-2017-0213 | Privilege Escalation Vulnerability |
Microsoft Windows Server 2016 |
| 53 | CVE-2017-0214 | Privilege Escalation Vulnerability |
Microsoft Windows Server 2016 |
| 54 | CVE-2017-0190 | Information Disclosure Vulnerability |
Microsoft Windows Server 2016 |
| 55 | CVE-2017-0242 | Information Disclosure Vulnerability |
Microsoft Windows Server 2008 R2 SP1 |
| 56 | CVE-2017-0290 | Remote Code Execution Vulnerability |
Microsoft Forefront Endpoint Protection 2010 |
Microsoft's summary of the May 2017 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
