Описание
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service.
Below is a complete list of vulnerabilities:
- An improper validation of certain elements of a signed PowerShell script in Device Guard can be exploited remotely to bypass security restrictions;
- An incorrect handling of certain requests sent by a malicious SMB server to the client can be exploited remotely via injected HTML header links, redirectors and some other methods causing the SMB client to connect to a malicious SMB server and cause a denial of service;
- An improper validation of input before loading DLL files can be exploited remotely to execute arbitrary code;
- A failure in handling requests in dnsclient can be exploited remotely via making a user visit an untrusted webpage (if the target is workstation) or sending a DNS query to a malicious server (if the target is a server) to obtain sensitive information;
- An improper client authentication in Helppane.exe can be exploited remotely to gain privileges and execute arbitrary code;
- An integer overflow vulnerability in the iSNS Server service can be exploited remotely via connecting to the iSNS Server with a specially designed apllication and sending malicious requests using it to execute arbitrary code in the context of the SYSTEM account.
Technical details
Vulnerability (2) is related to the implementations of the Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client.
Vulnerability (3) can be exploited by an attacker who has an access to the local system and has an ability to run a malicious application.
Vulnerability (5) can be exploited in case a DCOM object in Helppane.exe is configured to run as the interactive user.
Vulnerability (6) occurs when iSNS Server service fails to validate input from the client in a proper way.
Первичный источник обнаружения
- MS17-012
CVE-2017-0051
CVE-2017-0021
CVE-2017-0095
CVE-2017-0096
CVE-2017-0097
CVE-2017-0098
CVE-2017-0099
CVE-2017-0109
CVE-2017-0074
CVE-2017-0075
CVE-2017-0076
CVE-2017-0055
CVE-2017-0102
CVE-2017-0103
CVE-2017-0101
CVE-2017-0050
CVE-2017-0056
CVE-2017-0024
CVE-2017-0026
CVE-2017-0078
CVE-2017-0079
CVE-2017-0080
CVE-2017-0081
CVE-2017-0082
CVE-2017-0043
CVE-2017-0045
CVE-2017-0022
CVE-2017-0143
CVE-2017-0144
CVE-2017-0145
CVE-2017-0146
CVE-2017-0147
CVE-2017-0148
CVE-2017-0014
CVE-2017-0060
CVE-2017-0061
CVE-2017-0062
CVE-2017-0063
CVE-2017-0025
CVE-2017-0073
CVE-2017-0108
CVE-2017-0038
CVE-2017-0001
CVE-2017-0005
CVE-2017-0047
CVE-2017-0072
CVE-2017-0083
CVE-2017-0084
CVE-2017-0085
CVE-2017-0086
CVE-2017-0087
CVE-2017-0088
CVE-2017-0089
CVE-2017-0090
CVE-2017-0091
CVE-2017-0092
CVE-2017-0111
CVE-2017-0112
CVE-2017-0113
CVE-2017-0114
CVE-2017-0115
CVE-2017-0116
CVE-2017-0117
CVE-2017-0118
CVE-2017-0119
CVE-2017-0120
CVE-2017-0121
CVE-2017-0122
CVE-2017-0123
CVE-2017-0124
CVE-2017-0125
CVE-2017-0126
CVE-2017-0127
CVE-2017-0128
CVE-2017-0130
CVE-2017-0008
CVE-2017-0057
CVE-2017-0100
CVE-2017-0104
CVE-2017-0007
CVE-2017-0016
CVE-2017-0039
Эксплуатация
This vulnerability can be exploited by the following malware:
https://threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/
https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/
Public exploits exist for this vulnerability.
Связанные продукты
- Microsoft-Windows-Vista-2
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
Список CVE
- CVE-2017-0051 high
- CVE-2017-0021 critical
- CVE-2017-0095 critical
- CVE-2017-0096 warning
- CVE-2017-0097 high
- CVE-2017-0098 high
- CVE-2017-0099 high
- CVE-2017-0109 critical
- CVE-2017-0074 high
- CVE-2017-0075 critical
- CVE-2017-0076 high
- CVE-2017-0055 high
- CVE-2017-0102 critical
- CVE-2017-0103 high
- CVE-2017-0101 critical
- CVE-2017-0050 critical
- CVE-2017-0056 critical
- CVE-2017-0024 critical
- CVE-2017-0026 critical
- CVE-2017-0078 critical
- CVE-2017-0079 critical
- CVE-2017-0080 critical
- CVE-2017-0081 critical
- CVE-2017-0082 critical
- CVE-2017-0043 high
- CVE-2017-0045 high
- CVE-2017-0022 high
- CVE-2017-0143 critical
- CVE-2017-0144 critical
- CVE-2017-0145 critical
- CVE-2017-0146 critical
- CVE-2017-0147 critical
- CVE-2017-0148 critical
- CVE-2017-0014 critical
- CVE-2017-0060 high
- CVE-2017-0061 high
- CVE-2017-0062 warning
- CVE-2017-0063 high
- CVE-2017-0025 critical
- CVE-2017-0073 warning
- CVE-2017-0108 critical
- CVE-2017-0038 high
- CVE-2017-0001 critical
- CVE-2017-0005 critical
- CVE-2017-0047 critical
- CVE-2017-0072 critical
- CVE-2017-0083 critical
- CVE-2017-0084 critical
- CVE-2017-0085 warning
- CVE-2017-0086 critical
- CVE-2017-0087 critical
- CVE-2017-0088 critical
- CVE-2017-0089 critical
- CVE-2017-0090 critical
- CVE-2017-0091 warning
- CVE-2017-0092 warning
- CVE-2017-0111 warning
- CVE-2017-0112 warning
- CVE-2017-0113 warning
- CVE-2017-0114 warning
- CVE-2017-0115 warning
- CVE-2017-0116 warning
- CVE-2017-0117 warning
- CVE-2017-0118 warning
- CVE-2017-0119 warning
- CVE-2017-0120 warning
- CVE-2017-0121 warning
- CVE-2017-0122 warning
- CVE-2017-0123 warning
- CVE-2017-0124 warning
- CVE-2017-0125 warning
- CVE-2017-0126 warning
- CVE-2017-0127 warning
- CVE-2017-0128 warning
- CVE-2017-0130 critical
- CVE-2017-0008 warning
- CVE-2017-0057 warning
- CVE-2017-0100 critical
- CVE-2017-0104 critical
- CVE-2017-0007 high
- CVE-2017-0016 high
- CVE-2017-0039 critical
Список KB
- 4012217
- 4012215
- 4012216
- 4012606
- 4013198
- 4013429
- 3211306
- 4012212
- 4012214
- 4012213
- 4012598
- 4012583
- 3217587
- 4012021
- 4012373
- 4012497
- 4017018
- 4012584
- 3218362
- 3205715
- 4011981
- 3217882
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com