Kaspersky Threats

KLA11101
Arbitrary code execution vulnerability in Microsoft .NET Framework

Updated: 06/18/2020

Detect date ?	09/12/2017
Severity ?	Critical
Description	An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application. Technical details NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.
Affected products	Microsoft .NET Framework 4.7 Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2017-8759 CVE-2017-8759
Impacts ?	ACE [?]
Related products	Microsoft .NET Framework
CVE-IDS ?	CVE-2017-87599.3Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	4038788 4038782 4038783 4038781 4040955 4040956 4040957 4040958 4040959 4040960 4040964 4040965 4040966 4040967 4040971 4040972 4040973 4040974 4040975 4040977 4040978 4040979 4040980 4040981
Exploitation	This vulnerability can be exploited by the following malware: https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/42711