Дата обнаружения
|
09/05/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Microsoft Malware Protection Engine. Malicious users can exploit these vulnerabilities to cause a denial of service and execute arbitrary code. Below is a complete list of vulnerabilities:
Technical details To exploit all vulnerabilities, an attacker has to put a specially designed file to a directory scanned by the Microsoft Malware Protection Engine. It can be done via a website when it is being viewed by a user, via email message or an Instant Messenger message or a shared location. |
Пораженные продукты
|
Microsoft Windows 7 Service Pack 1 |
Решение
|
Enterprise administrators or end users do not have to take any actions to install updates for Microsoft Malware Protection Engine because the update will be detected and applied automatically within 48 hours of release. |
Первичный источник обнаружения
|
CVE-2017-8540 CVE-2017-8539 CVE-2017-8538 CVE-2017-8542 CVE-2017-8535 CVE-2017-8541 CVE-2017-8537 CVE-2017-8536 CVE-2017-8542 CVE-2017-8541 CVE-2017-8540 CVE-2017-8539 CVE-2017-8538 CVE-2017-8537 CVE-2017-8536 CVE-2017-8535 |
Оказываемое влияние
?
|
ACE
[?]
DoS
[?]
|
Связанные продукты
|
Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Exchange Server Microsoft Windows 10 |
CVE-IDS
|
CVE-2017-85424.3Warning
CVE-2017-85419.3Critical CVE-2017-85409.3Critical CVE-2017-85394.3Warning CVE-2017-85389.3Critical CVE-2017-85374.3Warning CVE-2017-85364.3Warning CVE-2017-85354.3Warning |