Multiple vulnerabilities in Microsoft Windows

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service.

Below is a complete list of vulnerabilities:

1. An improper validation of certain elements of a signed PowerShell script in Device Guard can be exploited remotely to bypass security restrictions;
2. An incorrect handling of certain requests sent by a malicious SMB server to the client can be exploited remotely via injected HTML header links, redirectors and some other methods causing the SMB client to connect to a malicious SMB server and cause a denial of service;
3. An improper validation of input before loading DLL files can be exploited remotely to execute arbitrary code;
4. A failure in handling requests in dnsclient can be exploited remotely via making a user visit an untrusted webpage (if the target is workstation) or sending a DNS query to a malicious server (if the target is a server) to obtain sensitive information;
5. An improper client authentication in Helppane.exe can be exploited remotely to gain privileges and execute arbitrary code;
6. An integer overflow vulnerability in the iSNS Server service can be exploited remotely via connecting to the iSNS Server with a specially designed apllication and sending malicious requests using it to execute arbitrary code in the context of the SYSTEM account.

---

Technical details

Vulnerability (2) is related to the implementations of the Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client.

Vulnerability (3) can be exploited by an attacker who has an access to the local system and has an ability to run a malicious application.

Vulnerability (5) can be exploited in case a DCOM object in Helppane.exe is configured to run as the interactive user.

Vulnerability (6) occurs when iSNS Server service fails to validate input from the client in a proper way.

Ursprüngliche Informationshinweise

• MS17-012

• CVE-2017-0051
• CVE-2017-0021
• CVE-2017-0095
• CVE-2017-0096
• CVE-2017-0097
• CVE-2017-0098
• CVE-2017-0099
• CVE-2017-0109
• CVE-2017-0074
• CVE-2017-0075
• CVE-2017-0076
• CVE-2017-0055
• CVE-2017-0102
• CVE-2017-0103
• CVE-2017-0101
• CVE-2017-0050
• CVE-2017-0056
• CVE-2017-0024
• CVE-2017-0026
• CVE-2017-0078
• CVE-2017-0079
• CVE-2017-0080
• CVE-2017-0081
• CVE-2017-0082
• CVE-2017-0043
• CVE-2017-0045
• CVE-2017-0022
• CVE-2017-0143
• CVE-2017-0144
• CVE-2017-0145
• CVE-2017-0146
• CVE-2017-0147
• CVE-2017-0148
• CVE-2017-0014
• CVE-2017-0060
• CVE-2017-0061
• CVE-2017-0062
• CVE-2017-0063
• CVE-2017-0025
• CVE-2017-0073
• CVE-2017-0108
• CVE-2017-0038
• CVE-2017-0001
• CVE-2017-0005
• CVE-2017-0047
• CVE-2017-0072
• CVE-2017-0083
• CVE-2017-0084
• CVE-2017-0085
• CVE-2017-0086
• CVE-2017-0087
• CVE-2017-0088
• CVE-2017-0089
• CVE-2017-0090
• CVE-2017-0091
• CVE-2017-0092
• CVE-2017-0111
• CVE-2017-0112
• CVE-2017-0113
• CVE-2017-0114
• CVE-2017-0115
• CVE-2017-0116
• CVE-2017-0117
• CVE-2017-0118
• CVE-2017-0119
• CVE-2017-0120
• CVE-2017-0121
• CVE-2017-0122
• CVE-2017-0123
• CVE-2017-0124
• CVE-2017-0125
• CVE-2017-0126
• CVE-2017-0127
• CVE-2017-0128
• CVE-2017-0130
• CVE-2017-0008
• CVE-2017-0057
• CVE-2017-0100
• CVE-2017-0104
• CVE-2017-0007
• CVE-2017-0016
• CVE-2017-0039

CVE Liste

• CVE-2017-0051
  critical
• CVE-2017-0021
  critical
• CVE-2017-0095
  critical
• CVE-2017-0096
  critical
• CVE-2017-0097
  critical
• CVE-2017-0098
  critical
• CVE-2017-0099
  critical
• CVE-2017-0109
  critical
• CVE-2017-0074
  critical
• CVE-2017-0075
  critical
• CVE-2017-0076
  critical
• CVE-2017-0055
  critical
• CVE-2017-0102
  critical
• CVE-2017-0103
  critical
• CVE-2017-0101
  critical
• CVE-2017-0050
  critical
• CVE-2017-0056
  critical
• CVE-2017-0024
  critical
• CVE-2017-0026
  critical
• CVE-2017-0078
  critical
• CVE-2017-0079
  critical
• CVE-2017-0080
  critical
• CVE-2017-0081
  critical
• CVE-2017-0082
  critical
• CVE-2017-0043
  critical
• CVE-2017-0045
  critical
• CVE-2017-0022
  critical
• CVE-2017-0143
  critical
• CVE-2017-0144
  critical
• CVE-2017-0145
  critical
• CVE-2017-0146
  critical
• CVE-2017-0147
  critical
• CVE-2017-0148
  critical
• CVE-2017-0014
  critical
• CVE-2017-0060
  critical
• CVE-2017-0061
  critical
• CVE-2017-0062
  critical
• CVE-2017-0063
  critical
• CVE-2017-0025
  critical
• CVE-2017-0073
  critical
• CVE-2017-0108
  critical
• CVE-2017-0038
  critical
• CVE-2017-0001
  critical
• CVE-2017-0005
  critical
• CVE-2017-0047
  critical
• CVE-2017-0072
  critical
• CVE-2017-0083
  critical
• CVE-2017-0084
  critical
• CVE-2017-0085
  critical
• CVE-2017-0086
  critical
• CVE-2017-0087
  critical
• CVE-2017-0088
  critical
• CVE-2017-0089
  critical
• CVE-2017-0090
  critical
• CVE-2017-0091
  critical
• CVE-2017-0092
  critical
• CVE-2017-0111
  critical
• CVE-2017-0112
  critical
• CVE-2017-0113
  critical
• CVE-2017-0114
  critical
• CVE-2017-0115
  critical
• CVE-2017-0116
  critical
• CVE-2017-0117
  critical
• CVE-2017-0118
  critical
• CVE-2017-0119
  critical
• CVE-2017-0120
  critical
• CVE-2017-0121
  critical
• CVE-2017-0122
  critical
• CVE-2017-0123
  critical
• CVE-2017-0124
  critical
• CVE-2017-0125
  critical
• CVE-2017-0126
  critical
• CVE-2017-0127
  critical
• CVE-2017-0128
  critical
• CVE-2017-0130
  critical
• CVE-2017-0008
  critical
• CVE-2017-0057
  critical
• CVE-2017-0100
  critical
• CVE-2017-0104
  critical
• CVE-2017-0007
  critical
• CVE-2017-0016
  critical
• CVE-2017-0039
  critical

KB Liste

• 4012217
• 4012215
• 4012216
• 4012606
• 4013198
• 4013429
• 3211306
• 4012212
• 4012214
• 4012213
• 4012598
• 4012583
• 3217587
• 4012021
• 4012373
• 4012497
• 4017018
• 4012584
• 3218362
• 3205715
• 4011981
• 3217882

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com