Kaspersky Threats

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Windows Explorer can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
A remote code execution vulnerability in Windows PowerShell can be exploited remotely to execute arbitrary code.
A security feature bypass vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to bypass security restrictions.
A security feature bypass vulnerability in Kerberos SNAME can be exploited remotely to bypass security restrictions.
An information disclosure vulnerability in Windows System Information Console can be exploited remotely via specially crafted to obtain sensitive information.
An information disclosure vulnerability in Windows Performance Monitor can be exploited remotely via specially crafted to obtain sensitive information.
A remote code execution vulnerability in WordPad can be exploited remotely via specially crafted files to execute arbitrary code.
A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
A denial of service vulnerability in Windows Explorer can be exploited remotely via specially crafted web to cause denial of service.
An information disclosure vulnerability in Http.sys can be exploited remotely to obtain sensitive information.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVE list

CVE-2017-0170
high
CVE-2017-8463
critical
CVE-2017-8467
high
CVE-2017-8486
warning
CVE-2017-8495
critical
CVE-2017-8556
high
CVE-2017-8557
high
CVE-2017-8563
critical
CVE-2017-8564
high
CVE-2017-8565
critical
CVE-2017-8573
high
CVE-2017-8577
high
CVE-2017-8578
critical
CVE-2017-8580
high
CVE-2017-8581
high
CVE-2017-8582
high
CVE-2017-8587
high
CVE-2017-8588
high
CVE-2017-8589
critical
CVE-2017-8590
critical
CVE-2017-8592
high
CVE-2017-8606
critical
CVE-2017-8607
critical
CVE-2017-8608
critical
CVE-2017-8618
critical

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Multiple vulnerabilities in Microsoft Products (ESU)