Multiple vulnerabilities in Microsoft Windows

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause a denial of service, gain privileges, obtain sensitive information or execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An improper way of handling certain calls and escapes in Microsoft DirectX graphics kernel (dxgkrnl.sys) can be exploited remotely via a specially designed application to cause a denial of service;
2. An incorrect processing of DNS queries in Windows DNS Server can be exploited remotely via specially designed DNS queries to cause a denial of service;
3. An improper handling of objects in memory in Windows kernel can be exploited remotely via a specially designed application to obtain sensitive information;
4. An improper handling of objects in memory in Windows GDI (Graphics Device Interface) can be exploited remotely via a specially designed application to obtain sensitive information;
5. An improper validation of vSMB packet data in Windows Hyper-V can be exploited remotely to gain privileges;
6. An incorrect processing of interface requests in Windows COM Aggregate Marshaler can be exploited remotely to gain privileges;
7. An improper validation of permissions while loading type libraries in Windows COM can be exploited locally via a specially designed application to gain privileges;
8. An incorrect handing of objects in memory can be exploited remotely via a specially designed application to obtain sensitive information;
9. An incorrect instantiation of some ActiveX objects can be exploited remotely by convincing user to open a malicious content designed to instantiate the vulnerable object to obtain sensitive information;
10. An incorrect handing of objects in memory in Windows Kernel can be exploited remotely via a specially designed application to gain privileges;
11. An improper handling of objects in memory in the win32k component can be exploited either locally by logging in or remotely by convincing a user to run a specially designed application to obtain sensitive information or gain privileges;
12. An improper initializing of objects in memory in Windows kernel can be exploited via a specially designed application to obtain sensitive information;
13. An improper handling of objects in memory in the Windows kernel-mode driver can be exploited via a specially designed application runned by an authenticated user to gain privileges;
14. Multiple vulnerabilities related to an improper handling of certain requests in SMBv1 (Microsoft Server Message Block 1.0) can be exploited remotely via a specially designed packet to obtain sensitive information;
15. Multiple vulnerabilities related to an improper handling of certain requests in SMB (Microsoft Server Message Block) can be exploited remotely via a specially SMB request to cause a denial of service;
16. Multiple vulnerabilities related to an improper handling of certain requests in SMB (Microsoft Server Message Block) can be exploited remotely via a specially designed packet to execute arbitrary code;
17. An incorrect manner of scanning specially designed files in Microsoft Malware Protection engine can be exploited remotely to execute arbitrary code.

---

Technical details

Users can disable SMBv1 as a workaround for vulnerabilities (14)-(16).

To exploit vulnerability (17), a specially designed file must be scanned by an affected version of Microsoft Malware Protection engine. A malicious file can be delivered by an Instant Messenger message, website or an email message. Vulnerability exploit doesn’t depend on whether real-time protection is turned on or not.

Ursprüngliche Informationshinweise

• CVE-2017-0280

• CVE-2017-0242
• CVE-2017-0246
• CVE-2017-0245
• CVE-2017-0244
• CVE-2017-0214
• CVE-2017-0212
• CVE-2017-0213
• CVE-2017-0077
• CVE-2017-0171
• CVE-2017-0175
• CVE-2017-0258
• CVE-2017-0259
• CVE-2017-0278
• CVE-2017-0279
• CVE-2017-0276
• CVE-2017-0277
• CVE-2017-0274
• CVE-2017-0275
• CVE-2017-0272
• CVE-2017-0273
• CVE-2017-0270
• CVE-2017-0271
• CVE-2017-0263
• CVE-2017-0267
• CVE-2017-0269
• CVE-2017-0268
• CVE-2017-0190
• CVE-2017-0220
• CVE-2017-0276
• CVE-2017-0275
• CVE-2017-0274
• CVE-2017-0273
• CVE-2017-0272
• CVE-2017-0271
• CVE-2017-0270
• CVE-2017-0269
• CVE-2017-0268
• CVE-2017-0267
• CVE-2017-0259
• CVE-2017-0258
• CVE-2017-0245
• CVE-2017-0242
• CVE-2017-0220
• CVE-2017-0214
• CVE-2017-0213
• CVE-2017-0212
• CVE-2017-0190
• CVE-2017-0175
• CVE-2017-0171

CVE Liste

• CVE-2017-0280
  critical
• CVE-2017-0279
  critical
• CVE-2017-0278
  critical
• CVE-2017-0277
  critical
• CVE-2017-0276
  critical
• CVE-2017-0275
  critical
• CVE-2017-0274
  critical
• CVE-2017-0273
  critical
• CVE-2017-0272
  critical
• CVE-2017-0271
  critical
• CVE-2017-0270
  critical
• CVE-2017-0269
  critical
• CVE-2017-0268
  critical
• CVE-2017-0267
  critical
• CVE-2017-0263
  critical
• CVE-2017-0259
  critical
• CVE-2017-0258
  critical
• CVE-2017-0246
  critical
• CVE-2017-0245
  critical
• CVE-2017-0244
  critical
• CVE-2017-0242
  critical
• CVE-2017-0220
  critical
• CVE-2017-0214
  critical
• CVE-2017-0213
  critical
• CVE-2017-0212
  critical
• CVE-2017-0190
  critical
• CVE-2017-0175
  critical
• CVE-2017-0171
  critical
• CVE-2017-0077
  critical

KB Liste

• 4038788
• 4016871
• 4019474
• 4019215
• 4019264
• 4019216
• 4019473
• 4019472
• 4019263
• 4019213
• 4019149
• 4019214
• 4018885
• 4019206
• 4018821
• 4018927
• 4018556
• 4019204
• 4018466
• 4018196

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com