Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Windows and Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause a denial of service or execute arbitrary code.
Below is a complete list of vulnerabilities:
- An improper validation of input before loading DLL (dynamic link library) files can be exploited remotely by convincing a user to open a specially designed Office document to execute arbitrary code;
- An incorrect enforcement of privilege levels in Windows Hyper-V instruction emulation can be exploited remotely to gain privileges on a target guest operating system;
- An improper validation of buffer length done by tdx.sys can be exploited remotely via a specially designed application to gain privileges;
- An incorrect handling of cabinet files can be exploited remotely via a specially designed cabinet file to execute arbitrary code;
- Multiple vulnerabilities related to an improper handling of objects in memory in Windows Uniscribe can be exploited remotely by convincing a user to visit an untrusted webpage or open a specially designed document to obtain sensitive information;
- An improper handling of objects in memory in Windows Uniscribe can be exploited remotely to obtain sensitive information;
- Multiple vulterabilities related to an incorrect parsing of PDF files in Microsoft Windows, Microsoft Word 2013 and Microsoft Word 2016 can be exploited remotely by convincing a user to open a specially designed PDF file to execute arbitrary code;
- Multiple vulnerabilities related to an improper initialization of objects in memory in Windows kernel can be exploited via a specially designed application to obtain sensitive information;
- An incorrect handling of files in memory in Microsoft office can be exploited remotely either by sending a specially designed file and convincing a user to open the file or by hosting a website with a malicious content to execute arbitrary code;
- An improper handling of LNK files in the Windows Explorer can be exploited remotely in case an icon of a specially designed shortcut is displayed to execute arbitrary code;
- An incorrect handling of objects in memory in Windows kernel-mode driver can be exploited locally via a specially designed application to gain privileges;
- An improper parsing of PDF files in Microsoft Windows can be exploited remotely by convincing a user to open a specially designed PDF file to obtain sensitive information;
- An incorrect sanitizing of content in Skype for Business and Lync Servers can be exploited remotely by inviting a user to an instant message session and sending a message which contains a specially designed JavaScript content to obtain sensitive information.
Technical details
In case of vulnerability (4), malicious user can convince a user to open a specially designed cabinet file or spoof a network printer and convince a user to open a specially designed cabinet file which looks like a printer driver.
Vulnerability (6) can be exploited by convincing a user to open a specially designed website and making users look through the attacker-controlled content.
Vulnerability (6) can also can be exploited by convining a user to open a specially designed document file.
Ursprüngliche Informationshinweise
- CVE-2017-0284
- CVE-2017-0218
- CVE-2017-0215
- CVE-2017-8479
- CVE-2017-0299
- CVE-2017-8485
- CVE-2017-0193
- CVE-2017-8478
- CVE-2017-8488
- CVE-2017-8528
- CVE-2017-8460
- CVE-2017-8475
- CVE-2017-8476
- CVE-2017-8470
- CVE-2017-8494
- CVE-2017-8466
- CVE-2017-8464
- CVE-2017-0291
- CVE-2017-0216
- CVE-2017-0292
- CVE-2017-8480
- CVE-2017-8489
- CVE-2017-0285
- CVE-2017-0300
- CVE-2017-8534
- CVE-2017-8491
- CVE-2017-8471
- CVE-2017-8477
- CVE-2017-8462
- CVE-2017-0173
- CVE-2017-0294
- CVE-2017-8472
- CVE-2017-8482
- CVE-2017-8492
- CVE-2017-8490
- CVE-2017-8483
- CVE-2017-0283
- CVE-2017-8484
- CVE-2017-8481
- CVE-2017-8468
- CVE-2017-8550
- CVE-2017-0282
- CVE-2017-0260
- CVE-2017-8509
- CVE-2017-8469
- CVE-2017-8474
- CVE-2017-8465
- CVE-2017-0297
- CVE-2017-0296
- CVE-2017-8473
Betroffene Produkte
- Microsoft-Office
- Microsoft-Word
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
CVE Liste
KB Liste
- 4022719
- 4022726
- 4022714
- 4022724
- 4022727
- 4022715
- 4025342
- 4025339
- 4034668
- 4034674
- 4034681
- 4034658
- 4034660
- 4022725
- 4022722
- 4022717
- 4024402
- 4022718
- 3203391
- 3203393
- 3191882
- 3203427
- 4020732
- 4020733
- 4022008
- 4020735
- 4020736
- 3178667
- 3203432
- 3203484
- 3203485
- 4020734
- 3191837
- 4021903
- 4021923
- 3162051
- 3203438
- 3191939
- 4022013
- 3203430
- 4022010
- 3203436
- 3203386
- 3203382
- 3212223
- 3203458
- 3118389
- 4018106
- 3191848
- 3191943
- 4022887
- 4022884
- 3191945
- 3191944
- 4022883
- 3191828
- 3217845
- 3203441
- 3191844
- 4023307
- 3203466
- 3203464
- 3203463
- 3203460
- 3191908
- 4034666
- 4034665
- 4034672
- 4034679
- 4034664
- 4034741
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com