KLA10988
Information disclosure vulnerability in Windows DirectShow

Updated: 06/03/2020
Detect date
?
03/14/2017
Severity
?
Warning
Description

An improper objects handling in memory was found in Windows DirectShow. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website.

Affected products

Microsoft Windows Vista Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS17-021
CVE-2017-0042

Impacts
?
OSI 
[?]
Related products
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Windows 10
CVE-IDS
?
CVE-2017-00422.6Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

4015551
4012215
4012216
4012606
4013198
4013429
4012212
4012213
4010318
3214051
4015548

Find out the statistics of the vulnerabilities spreading in your region