Multiple vulnerabilities in Microsoft Products (ESU)

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
2. A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
3. An information disclosure vulnerability in Windows Search can be exploited remotely via specially crafted to obtain sensitive information.
4. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
5. A remote code execution vulnerability in Windows Uniscribe can be exploited remotely via specially crafted website to execute arbitrary code.
6. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
7. An information disclosure vulnerability in Windows Uniscribe can be exploited remotely via specially crafted document to obtain sensitive information.
8. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
9. An elevation of privilege vulnerability in Hypervisor Code Integrity can be exploited remotely to gain privileges.
10. An elevation of privilege vulnerability in Windows COM Session can be exploited remotely via specially crafted application to obtain sensitive information.
11. A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
12. A remote code execution vulnerability in Windows can be exploited remotely via specially crafted cabinet to execute arbitrary code.
13. An elevation of privilege vulnerability in Windows TDX can be exploited remotely via specially crafted application to gain privileges.
14. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
15. A remote code execution vulnerability in Win32k Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
16. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
17. A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted to execute arbitrary code.

Original advisories

• CVE-2017-8485

• CVE-2017-8484
• CVE-2017-8481
• CVE-2017-8480
• CVE-2017-8469
• CVE-2017-8482
• CVE-2017-8464
• CVE-2017-8544
• CVE-2017-8462
• CVE-2017-0289
• CVE-2017-0288
• CVE-2017-8528
• CVE-2017-8529
• CVE-2017-0283
• CVE-2017-0282
• CVE-2017-0287
• CVE-2017-0286
• CVE-2017-0285
• CVE-2017-0284
• CVE-2017-8483
• CVE-2017-8517
• CVE-2017-0193
• CVE-2017-8471
• CVE-2017-0298
• CVE-2017-8478
• CVE-2017-8479
• CVE-2017-8543
• CVE-2017-8492
• CVE-2017-8490
• CVE-2017-8491
• CVE-2017-8470
• CVE-2017-8489
• CVE-2017-8472
• CVE-2017-8473
• CVE-2017-8553
• CVE-2017-8475
• CVE-2017-8476
• CVE-2017-8488
• CVE-2017-0294
• CVE-2017-0296
• CVE-2017-0297
• CVE-2017-8534
• CVE-2017-8477
• CVE-2017-8531
• CVE-2017-0299
• CVE-2017-8533
• CVE-2017-8532
• CVE-2017-8527
• CVE-2017-8519
• CVE-2017-0260
• CVE-2017-0300

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Internet-Explorer
• Microsoft-Silverlight
• Microsoft-Lync
• Microsoft-Office
• Microsoft-Lync-2010-Attendee
• Microsoft-Word
• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10
• Microsoft-Edge

CVE list

• CVE-2017-8543
  critical
• CVE-2017-0284
  warning
• CVE-2017-8479
  warning
• CVE-2017-0299
  warning
• CVE-2017-8485
  warning
• CVE-2017-0193
  critical
• CVE-2017-8478
  warning
• CVE-2017-8488
  warning
• CVE-2017-8528
  critical
• CVE-2017-8475
  warning
• CVE-2017-8476
  warning
• CVE-2017-8470
  warning
• CVE-2017-8464
  critical
• CVE-2017-8480
  warning
• CVE-2017-8489
  warning
• CVE-2017-0285
  warning
• CVE-2017-0300
  warning
• CVE-2017-8534
  high
• CVE-2017-8491
  warning
• CVE-2017-8471
  warning
• CVE-2017-8477
  warning
• CVE-2017-8462
  warning
• CVE-2017-0294
  critical
• CVE-2017-8472
  warning
• CVE-2017-8482
  warning
• CVE-2017-8492
  warning
• CVE-2017-8490
  warning
• CVE-2017-8483
  warning
• CVE-2017-0283
  critical
• CVE-2017-8484
  warning
• CVE-2017-8481
  warning
• CVE-2017-0282
  warning
• CVE-2017-0260
  critical
• CVE-2017-8469
  high
• CVE-2017-0297
  warning
• CVE-2017-0296
  critical
• CVE-2017-8473
  warning
• CVE-2017-8517
  critical
• CVE-2017-8519
  critical
• CVE-2017-8529
  high
• CVE-2017-0286
  warning
• CVE-2017-0287
  warning
• CVE-2017-0288
  warning
• CVE-2017-0289
  warning
• CVE-2017-8527
  critical
• CVE-2017-8531
  high
• CVE-2017-8532
  high
• CVE-2017-8533
  high
• CVE-2017-0298
  high
• CVE-2017-8544
  high
• CVE-2017-8553
  warning

KB list

• 4022719
• 4021558
• 4022722
• 4024402
• 4022008
• 4021903
• 4021923
• 4022013
• 4022010
• 4018106
• 4022887
• 4022884
• 4022883
• 3217845
• 4034679
• 4034664
• 4034741
• 4036586
• 4503292
• 4503269

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com