DIESER SERVICE KANN ÜBERSETZUNGEN VON GOOGLE ENTHALTEN. GOOGLE ÜBERNIMMT KEINERLEI VERANTWORTUNG FÜR DIE ÜBERSETZUNGEN. DARUNTER FÄLLT JEGLICHE VERANTWORTUNG IN BEZUG AUF RICHTIGKEIT UND ZUVERLÄSSIGKEIT SOWIE JEGLICHE STILLSCHWEIGENDEN GEWÄHRLEISTUNGEN DER MARKTGÄNGIGKEIT, NICHT-VERLETZUNG VON RECHTEN DRITTER ODER DER EIGNUNG FÜR EINEN BESTIMMTEN ZWECK. Die Website von Kaspersky Lab wurde für Ihre Bequemlichkeit mithilfe einer Übersetzungssoftware von Google Translate übersetzt. Es wurden angemessene Bemühungen für die Bereitstellung einer akkuraten Übersetzung unternommen. Bitte beachten Sie, dass automatisierte Übersetzungen nicht perfekt sind und menschliche Übersetzer in keinem Fall ersetzen sollen. Übersetzungen werden den Nutzern der Kaspersky-Lab-Website als Service und "wie sie sind" zur Verfügung gestellt. Die Richtigkeit, Zuverlässigkeit oder Korrektheit jeglicher Übersetzungen aus dem Englischen in eine andere Sprache wird weder ausdrücklich noch stillschweigend garantiert. Einige Inhalte (z. B. Bilder, Videos, Flash, usw.) können aufgrund der Einschränkungen der Übersetzungssoftware möglicherweise nicht inhaltsgetreu übersetzt werden.
Kaspersky ID:
KLA11099
Erkennungsdatum:
09/12/2017
Aktualisiert:
03/29/2019

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, obtain sensitive information, bypass security restrictions, spoof user interface or execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. An improper handling of objects in memory in the Windows kernel-mode driver can be exploited locally by logging on to the system and running a specially designed application to gain privileges;
  2. An incorrect handling of memory addresses in the Windows GDI (Graphics Device Interface) can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  3. An improper validation of guest operating system user input in Hyper-V can be exploited locally via a specially designed application to obtain sensitive information;
  4. An improper validation of guest operating system user input in VM host agent service can be exploited locally by using a specially designed certificate on the guest operating system to execute arbitrary code;
  5. An incorrect handling of objects in memory in Windows Control Flow Guard can be exploited locally by running a specially designed application to bypass security restrictions;
  6. Multiple vulnerabilities related to an improper handling of objects in memory in the Windows kernel can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  7. An improper handling of objects in memory in the Win32k component can be exploited locally by logging on to the system and running a specially designed application to gain privileges;
  8. An incorrect maintaining of certain sequencing requirements in NetBT Session Services can be exploited remotely by sending specially designed packets to an impacted system to execute arbitrary code;
  9. An improper handling of Bluetooth requests in Windows can be exploited to spoof user interface;
  10. Multiple vulnerabilities related to an incorrect handling of objects in memory in the Windows GDI+ component can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  11. Multiple vulnerabilities related to an improper handling of objects in memory in the Windows kernel can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  12. An incorrect handling of embedded fonts in the Windows font library can be exploited locally by hosting a special website and convincing a user to visit it (for example, by sending them an email or an Instant Messenger message with a specially designed link) or by convincing a user to open a specially designed document file to execute arbitrary code;
  13. An incorrect handling of objects in memory in the Windows Graphics Component can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  14. An incorrect handling of memory addresses in the Windows GDI (Graphics Device Interface) can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  15. Multiple vulnerabilities related to an improper disclosure of memory kernel addresses in the Windows GDI+ component can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  16. An incorrect handling of network packets done by DHCP failover servers can be exploited remotely by sending a specially designed packet to a DHCP server which is set to failover mode to execute arbitrary code;
  17. Multiple vulnerabilities related to an incorrect handling of memory addresses in Windows kernel can be exploited locally by logging on to the system and running a specially designed application to obtain sensitive information;
  18. Multiple vulnerabilities related to an incorrect handling of objects in memory in Windows Uniscribe can be exploited remotely by hosting a special website and convincing a user to visit it (for example, by sending them an email or an Instant Messenger message with a specially designed link) or by convincing a user to open a specially designed document file to execute arbitrary code;
  19. An incorrect handling of objects in memory in Windows Uniscribe can be exploited by convincing a user to open a specially designed document or to visit an untrusted webpage to obtain sensitive information;
  20. An improper validation of file copy destinations in Windows Shell can be exploited remotely by sending an email with a specially designed file and convincing a user to open it or by hosting a specially designed website and convincing a user to visit it to execute arbitrary code;
  21. An incorrect handling and executing files done by WER (Windows Error Reporting) can be exploited locally via a specially designed application to gain privileges;
  22. An improper input validation in Microsoft Hyper-V Virtual PCI can be exploited locally by running a specially designed application on a virtual machine under a privileged account to cause a denial of service;
  23. Multiple vulnerabilities related to an improper guest operating system user input validation in Microsoft Hyper-V can be exploited locally by running a specially designed application on a virtual machine to obtain sensitive information;
  24. An incorrect parsing of XML input done by Microsoft Common Console Document (.msc) can be exploited locally by convincing an authenticated user to open a file containing a specially designed XML content to obtain sensitive information;
  25. Multiple vulnerabilities related to an improper handling of objects in memory in Microsoft Windows PDF Library can be exploited remotely via a specially designed website that contains malicious PDF content to execute arbitrary code;
  26. An incorrect exposure of functions and processing of user supplied code in PowerShell in Device Guard can be exploited locally by injecting a specially designed code into a script which is trusted by the Code Integrity Policy to bypass security restrictions;
  27. An improper handling of objects in memory done by the Broadcom chipset in HoloLens can be exploited by sending a specially designed WiFi packet to execute arbitrary code.

Technical details

To exploit vulnerability (9), the malicious user has to be within the physical proximity of the attack victim. Bluetooth on the targeted user’s computer is required to be enabled. In this case, a Bluetooth connection can be initiated to the target computer without any notifications.

Exploiting vulnerability (9) can lead to a man-in-the-middle attack and victim’s computer can be forced to unknowingly route traffic through the malicious user’s computer.

Information received after exploiting vulnerabilities (17) can lead to a KASLR (Kernel Address Space Layout Randomization) bypass.

On Windows 10, vulnerability (25) can be exploited via a specially designed website containing malicious PDF content. As for other operating systems, malicious users have to convince users to open a specially designed PDF document in browser by sending them a link in an email, instant message or as an email attachment.

NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative.

Ursprüngliche Informationshinweise

CVE Liste

  • CVE-2017-8728
    critical
  • CVE-2017-8737
    critical
  • CVE-2017-8675
    critical
  • CVE-2017-8676
    critical
  • CVE-2017-8713
    critical
  • CVE-2017-8714
    critical
  • CVE-2017-8716
    critical
  • CVE-2017-8719
    critical
  • CVE-2017-8720
    critical
  • CVE-2017-0161
    critical
  • CVE-2017-8628
    critical
  • CVE-2017-8677
    critical
  • CVE-2017-8678
    critical
  • CVE-2017-8679
    critical
  • CVE-2017-8680
    critical
  • CVE-2017-8681
    critical
  • CVE-2017-8682
    critical
  • CVE-2017-8683
    critical
  • CVE-2017-8684
    critical
  • CVE-2017-8685
    critical
  • CVE-2017-8686
    critical
  • CVE-2017-8687
    critical
  • CVE-2017-8688
    critical
  • CVE-2017-8692
    critical
  • CVE-2017-8695
    critical
  • CVE-2017-8696
    critical
  • CVE-2017-8699
    critical
  • CVE-2017-8702
    critical
  • CVE-2017-8704
    critical
  • CVE-2017-8706
    critical
  • CVE-2017-8707
    critical
  • CVE-2017-8708
    critical
  • CVE-2017-8709
    critical
  • CVE-2017-8710
    critical
  • CVE-2017-8711
    critical
  • CVE-2017-8712
    critical
  • CVE-2017-8746
    critical
  • CVE-2017-9417
    critical

KB Liste

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com

Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!
Kaspersky Next
Let´s go Next: Cybersicherheit neu gedacht
Erfahren Sie mehr
Neu: Kaspersky!
Dein digitales Leben verdient umfassenden Schutz!
Erfahren Sie mehr
Confirm changes?
Your message has been sent successfully.