Kaspersky Threats

KLA11047
Multiple vulnerabilities in Microsoft Development Tools

Updated: 06/18/2020

Detect date ?	06/13/2017
Severity ?	Critical
Description	Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code.
Affected products	Skype for Business 2016 Microsoft Windows 7 Service Pack 1 Microsoft Windows RT 8.1 Microsoft Windows 8.1 Microsoft Windows 10 Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 Microsoft Lync 2013 Service Pack 1
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Impacts ?	ACE [?] OSI [?] SB [?] PE [?] SUI [?]
Related products	Microsoft Silverlight Microsoft Lync Microsoft Office Microsoft Windows Server 2012 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10
CVE-IDS ?	CVE-2017-02830.0Unknown CVE-2017-85278.8Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	4023307
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/42234 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.