This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that customers visit the Support Portal and apply patches on a priority to protect their SAP landscape.
On 9th of May 2017, SAP Security Patch Day saw the release of 9 security notes. Additionally, there were 2 updates to previously released security notes.
List of security notes released on the May Patch Day:
Missing XML Validation vulnerability in SAP NetWeaver Web Services Configuration UI
Security Notes vs Vulnerability Types- May 2017
Security Notes vs Priority Distribution (December 2016 - May 2017)**
* Patch Day Security Notes are all notes that appear under the category of "Patch Day Notes" inSAP Support Portal
** Any Patch Day Security Note released after the second Tuesday, will be accounted for in the following SAP Security Patch Day.
Customers who would like to take a look atall Security Notes that are published or updated after the previous Patch Day see: https://support.sap.com/securitynotes -> All Security Notes -> Filter for notes which have been published after 11th April 2017.