Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause a denial of service and obtain sensitive information.
Below is a complete list of vulnerabilities:
- An improper parsing of XML input in the Windows Performance Monitor Console can be exploited via specially designed XML data to obtain sensitive information;
- An improper handling and sharing of executable files during rename operations in Windows Explorer can be exploited by sharing both a folder and malware named with an executable extension and making the user confuse the malware with the folder to execute arbitrary code;
- Multiple vulnerabilities related to incorrect handling of objects in the Microsoft Graphics Component can be exploited via a specially designed application to gain privileges;
- An improper handling of objects in Win32k can be exploited via a specially designed application to obtain sensitive information;
- A fail to prevent tampering with the SNAME field during ticket exchange in Kerberos can be exploited to bypass security restrictions;
- An improper parsing of XML input in the Windows System Information Console an be exploited via specially designed XML data to obtain sensitive information;
- Multiple vulnerabilities related to improper handling of objects in the Windows kernel can be exploited via a specially designed application to gain privileges;
- An incorrect handling of calls to Advanced Local Procedure Call in Windows can be exploited via a specially designed application to gain privileges;
- An improper fall back to NTLM (NT LAN Manager) Authentication Protocol in Kerberos can be exploited remotely via a specially designed application to gain privileges;
- An incorrect initializing of a memory address in the Windows kernel can be exploited via a specially designed application to obtain sensitive information;
- An incorrect deserializing of user supplied scripts in PowerShell can be exploited remotely to execute arbitrary code;
- An improper handling of parameters of in a method of a DCOM class in Windows Input Method Editor can be exploited via a specially designed application to gain privileges;
- Multiple vulnerabilities related to incorrect handling of objects in Windows can be exploited via a specially designed application to gain privileges;
- An improper handling of objects in the HTTP.sys server application component can exploited remotely by issuing a request to the HTTP.sys server application to obtain sensitive information;
- An improper handling of objects in HoloLens can be exploited by sending a specially designed WiFi packet to execute arbitrary code;
- A vulnerability when open a non-existent file in Windows Explorer can be exploited remotely by hosting a specially crafted web site and convincing a user to browse to the page, containing the reference to the non-existing file to cause denial of service;
- An improper parsing of files in WordPad can be exploited via a specially designed file to execute arbitrary code;
- An incorrect handling of objects in memory in Windows Search can be exploited remotely by sending specially designed messages to the Windows Search service to execute arbitrary code;
- An improper handling of objects in memory in the Windows Common Log File System driver can be exploited remotely via a specially designed application to gain privileges.
Technical details
Vulnerability (11) occurs when PSObject wraps a CIM instance.
Ursprüngliche Informationshinweise
- CVE-2017-8557
- CVE-2017-8556
- CVE-2017-8562
- CVE-2017-8563
- CVE-2017-8561
- CVE-2017-8566
- CVE-2017-8564
- CVE-2017-8565
- CVE-2017-8580
- CVE-2017-8581
- CVE-2017-8582
- CVE-2017-8584
- CVE-2017-8587
- CVE-2017-8486
- CVE-2017-8588
- CVE-2017-8589
- CVE-2017-0170
- CVE-2017-8467
- CVE-2017-8463
- CVE-2017-8574
- CVE-2017-8577
- CVE-2017-8573
- CVE-2017-8590
- CVE-2017-8578
- CVE-2017-0170
- CVE-2017-8463
- CVE-2017-8486
- CVE-2017-8557
- CVE-2017-8563
- CVE-2017-8564
- CVE-2017-8565
- CVE-2017-8566
- CVE-2017-8578
- CVE-2017-8581
- CVE-2017-8582
- CVE-2017-8584
- CVE-2017-8587
- CVE-2017-8588
- CVE-2017-8589
- CVE-2017-8590
- CVE-2017-8592
CVE Liste
- CVE-2017-0170 critical
- CVE-2017-8463 critical
- CVE-2017-8467 critical
- CVE-2017-8486 critical
- CVE-2017-8495 critical
- CVE-2017-8556 critical
- CVE-2017-8557 critical
- CVE-2017-8561 critical
- CVE-2017-8562 critical
- CVE-2017-8563 critical
- CVE-2017-8564 critical
- CVE-2017-8565 critical
- CVE-2017-8566 critical
- CVE-2017-8573 critical
- CVE-2017-8574 critical
- CVE-2017-8577 critical
- CVE-2017-8578 critical
- CVE-2017-8580 critical
- CVE-2017-8581 critical
- CVE-2017-8582 critical
- CVE-2017-8584 critical
- CVE-2017-8587 critical
- CVE-2017-8588 critical
- CVE-2017-8589 critical
- CVE-2017-8590 critical
- CVE-2017-8592 critical
KB Liste
- 4025342
- 4025339
- 4025344
- 4025338
- 4022746
- 4022748
- 4022914
- 4025331
- 4025333
- 4025336
- 4025337
- 4025341
- 4025343
- 4025397
- 4025398
- 4025409
- 4025497
- 4025674
- 4025872
- 4025877
- 4026059
- 4026061
- 4032955
- 4025240
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!