Описание
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Hyper-V vSMB can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows SMB can be exploited remotely via specially crafted packet to execute arbitrary code.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to cause denial of service.
- An information disclosure vulnerability in Windows SMB can be exploited remotely via specially crafted packet to obtain sensitive information.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- A denial of service vulnerability in Windows SMB can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Windows COM can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows COM can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Dxgkrnl.sys can be exploited remotely via specially crafted application to cause denial of service.
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
- A denial of service vulnerability in Windows DNS Server can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
Первичный источник обнаружения
- CVE-2017-0280
CVE-2017-0274
CVE-2017-0272
CVE-2017-0279
CVE-2017-0273
CVE-2017-0276
CVE-2017-0278
CVE-2017-0213
CVE-2017-0212
CVE-2017-0270
CVE-2017-0245
CVE-2017-0171
CVE-2017-0259
CVE-2017-0246
CVE-2017-0277
CVE-2017-0258
CVE-2017-0269
CVE-2017-0267
CVE-2017-0077
CVE-2017-0190
CVE-2017-0275
CVE-2017-0271
CVE-2017-0214
CVE-2017-0263
CVE-2017-0268
CVE-2017-0220
Эксплуатация
The following public exploits exists for this vulnerability:
https://www.exploit-db.com/exploits/44478
https://www.exploit-db.com/exploits/42007
https://www.exploit-db.com/exploits/42006
https://www.exploit-db.com/exploits/42008
https://www.exploit-db.com/exploits/42009
https://www.exploit-db.com/exploits/42021
https://www.exploit-db.com/exploits/42020
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
Список CVE
- CVE-2017-0280 unknown
- CVE-2017-0279 unknown
- CVE-2017-0278 unknown
- CVE-2017-0277 unknown
- CVE-2017-0276 unknown
- CVE-2017-0275 unknown
- CVE-2017-0274 unknown
- CVE-2017-0273 unknown
- CVE-2017-0272 unknown
- CVE-2017-0271 unknown
- CVE-2017-0270 unknown
- CVE-2017-0269 unknown
- CVE-2017-0268 unknown
- CVE-2017-0267 unknown
- CVE-2017-0263 unknown
- CVE-2017-0259 unknown
- CVE-2017-0258 unknown
- CVE-2017-0246 unknown
- CVE-2017-0245 unknown
- CVE-2017-0220 unknown
- CVE-2017-0214 unknown
- CVE-2017-0213 unknown
- CVE-2017-0212 unknown
- CVE-2017-0190 unknown
- CVE-2017-0171 unknown
- CVE-2017-0077 unknown
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com