説明
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Search can be exploited remotely via specially crafted to obtain sensitive information.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Windows Uniscribe can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
- An information disclosure vulnerability in Windows Uniscribe can be exploited remotely via specially crafted document to obtain sensitive information.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An elevation of privilege vulnerability in Hypervisor Code Integrity can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows COM Session can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
- A remote code execution vulnerability in Windows can be exploited remotely via specially crafted cabinet to execute arbitrary code.
- An elevation of privilege vulnerability in Windows TDX can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Win32k Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
- A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted to execute arbitrary code.
オリジナルアドバイザリー
- CVE-2017-8484
- CVE-2017-8481
- CVE-2017-8480
- CVE-2017-8469
- CVE-2017-8482
- CVE-2017-8464
- CVE-2017-8544
- CVE-2017-8462
- CVE-2017-0289
- CVE-2017-0288
- CVE-2017-8528
- CVE-2017-8529
- CVE-2017-0283
- CVE-2017-0282
- CVE-2017-0287
- CVE-2017-0286
- CVE-2017-0285
- CVE-2017-0284
- CVE-2017-8483
- CVE-2017-8517
- CVE-2017-0193
- CVE-2017-8471
- CVE-2017-0298
- CVE-2017-8478
- CVE-2017-8479
- CVE-2017-8543
- CVE-2017-8492
- CVE-2017-8490
- CVE-2017-8491
- CVE-2017-8470
- CVE-2017-8489
- CVE-2017-8472
- CVE-2017-8473
- CVE-2017-8553
- CVE-2017-8475
- CVE-2017-8476
- CVE-2017-8488
- CVE-2017-0294
- CVE-2017-0296
- CVE-2017-0297
- CVE-2017-8534
- CVE-2017-8477
- CVE-2017-8531
- CVE-2017-0299
- CVE-2017-8533
- CVE-2017-8532
- CVE-2017-8527
- CVE-2017-8519
- CVE-2017-0260
- CVE-2017-0300
エクスプロイテーション
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
関連製品
- Microsoft-Internet-Explorer
- Microsoft-Silverlight
- Microsoft-Lync
- Microsoft-Office
- Microsoft-Lync-2010-Attendee
- Microsoft-Word
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
- Microsoft-Edge
CVEリスト
- CVE-2017-8543 critical
- CVE-2017-0284 warning
- CVE-2017-8479 warning
- CVE-2017-0299 warning
- CVE-2017-8485 warning
- CVE-2017-0193 critical
- CVE-2017-8478 warning
- CVE-2017-8488 warning
- CVE-2017-8528 critical
- CVE-2017-8475 warning
- CVE-2017-8476 warning
- CVE-2017-8470 warning
- CVE-2017-8464 critical
- CVE-2017-8480 warning
- CVE-2017-8489 warning
- CVE-2017-0285 warning
- CVE-2017-0300 warning
- CVE-2017-8534 high
- CVE-2017-8491 warning
- CVE-2017-8471 warning
- CVE-2017-8477 warning
- CVE-2017-8462 warning
- CVE-2017-0294 critical
- CVE-2017-8472 warning
- CVE-2017-8482 warning
- CVE-2017-8492 warning
- CVE-2017-8490 warning
- CVE-2017-8483 warning
- CVE-2017-0283 critical
- CVE-2017-8484 warning
- CVE-2017-8481 warning
- CVE-2017-0282 warning
- CVE-2017-0260 critical
- CVE-2017-8469 high
- CVE-2017-0297 warning
- CVE-2017-0296 critical
- CVE-2017-8473 warning
- CVE-2017-8517 critical
- CVE-2017-8519 critical
- CVE-2017-8529 high
- CVE-2017-0286 warning
- CVE-2017-0287 warning
- CVE-2017-0288 warning
- CVE-2017-0289 warning
- CVE-2017-8527 critical
- CVE-2017-8531 high
- CVE-2017-8532 high
- CVE-2017-8533 high
- CVE-2017-0298 high
- CVE-2017-8544 high
- CVE-2017-8553 warning
KBリスト
- 4022719
- 4021558
- 4022722
- 4024402
- 4022008
- 4021903
- 4021923
- 4022013
- 4022010
- 4018106
- 4022887
- 4022884
- 4022883
- 3217845
- 4034679
- 4034664
- 4034741
- 4036586
- 4503292
- 4503269
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!