KLA10978 Multiple vulnerabilities in Windows Uniscribe
Обновлено: 18/06/2020
Дата обнаружения
14/03/2017
Уровень угрозы
Critical
Описание
Multiple serious vulnerabilities have been found in Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities:
An improper handling of objects in memory can be exploted remotely via a specially designed website or a specially designed document file to execute arbitrary code;
An improper disclosure of the contents of Windows Uniscribe memory can be exploited remotely via a specially designed document or by convincing a user to visit an untrusted webpage to obtain sensitive information.
Пораженные продукты
Microsoft Windows Vista Service Pack 2 Microsoft Windows 7 Service Pack 1 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows 10 Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2
Решение
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)