Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
2. A security feature bypass vulnerability in Device Guard Code Integrity Policy can be exploited remotely to bypass security restrictions.
3. An information disclosure vulnerability in Windows Uniscribe can be exploited remotely via specially crafted document to obtain sensitive information.
4. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
5. An elevation of privilege vulnerability in Hypervisor Code Integrity can be exploited remotely to gain privileges.
6. A remote code execution vulnerability in Windows Uniscribe can be exploited remotely via specially crafted website to execute arbitrary code.
7. An information disclosure vulnerability in Windows PDF can be exploited remotely via specially crafted to obtain sensitive information.
8. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
9. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
10. A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
11. A remote code execution vulnerability in Microsoft Windows can be exploited remotely via specially crafted to execute arbitrary code.
12. A remote code execution vulnerability in Windows PDF can be exploited remotely via specially crafted to execute arbitrary code.
13. A remote code execution vulnerability in Windows can be exploited remotely via specially crafted cabinet to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
15. An elevation of privilege vulnerability in Windows TDX can be exploited remotely via specially crafted application to gain privileges.
16. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
17. A remote code execution vulnerability in Win32k Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.

Первичный источник обнаружения

• CVE-2017-8543
  CVE-2017-0219
  CVE-2017-0284
  CVE-2017-0218
  CVE-2017-0215
  CVE-2017-8479
  CVE-2017-0299
  CVE-2017-8485
  CVE-2017-0193
  CVE-2017-8478
  CVE-2017-8488
  CVE-2017-8528
  CVE-2017-8460
  CVE-2017-8475
  CVE-2017-8476
  CVE-2017-8470
  CVE-2017-8494
  CVE-2017-8466
  CVE-2017-8464
  CVE-2017-0291
  CVE-2017-0216
  CVE-2017-0292
  CVE-2017-8480
  CVE-2017-8489
  CVE-2017-0285
  CVE-2017-0300
  CVE-2017-8491
  CVE-2017-8471
  CVE-2017-8477
  CVE-2017-8462
  CVE-2017-0173
  CVE-2017-0294
  CVE-2017-8472
  CVE-2017-8482
  CVE-2017-8492
  CVE-2017-8490
  CVE-2017-8483
  CVE-2017-0283
  CVE-2017-8484
  CVE-2017-8481
  CVE-2017-8468
  CVE-2017-0282
  CVE-2017-8469
  CVE-2017-8474
  CVE-2017-8465
  CVE-2017-0297
  CVE-2017-0296
  CVE-2017-8473
  CVE-2017-8531
  CVE-2017-0289
  CVE-2017-0288
  CVE-2017-8527
  CVE-2017-0287
  CVE-2017-8533
  CVE-2017-8532
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Word
• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2017-8543
  critical
• CVE-2017-0219
  high
• CVE-2017-0284
  warning
• CVE-2017-0218
  high
• CVE-2017-0215
  high
• CVE-2017-8479
  warning
• CVE-2017-0299
  warning
• CVE-2017-8485
  warning
• CVE-2017-0193
  critical
• CVE-2017-8478
  warning
• CVE-2017-8488
  warning
• CVE-2017-8528
  critical
• CVE-2017-8460
  high
• CVE-2017-8475
  warning
• CVE-2017-8476
  warning
• CVE-2017-8470
  warning
• CVE-2017-8494
  high
• CVE-2017-8466
  critical
• CVE-2017-8464
  critical
• CVE-2017-0291
  critical
• CVE-2017-0216
  high
• CVE-2017-0292
  critical
• CVE-2017-8480
  warning
• CVE-2017-8489
  warning
• CVE-2017-0285
  warning
• CVE-2017-0300
  warning
• CVE-2017-8491
  warning
• CVE-2017-8471
  warning
• CVE-2017-8477
  warning
• CVE-2017-8462
  warning
• CVE-2017-0173
  high
• CVE-2017-0294
  critical
• CVE-2017-8472
  warning
• CVE-2017-8482
  warning
• CVE-2017-8492
  warning
• CVE-2017-8490
  warning
• CVE-2017-8483
  warning
• CVE-2017-0283
  critical
• CVE-2017-8484
  warning
• CVE-2017-8481
  warning
• CVE-2017-8468
  critical
• CVE-2017-0282
  warning
• CVE-2017-8469
  high
• CVE-2017-8474
  warning
• CVE-2017-8465
  critical
• CVE-2017-0297
  warning
• CVE-2017-0296
  critical
• CVE-2017-8473
  warning
• CVE-2017-0287
  warning
• CVE-2017-0288
  warning
• CVE-2017-0289
  warning
• CVE-2017-8527
  critical
• CVE-2017-8531
  high
• CVE-2017-8532
  high
• CVE-2017-8533
  high

Список KB

• 4022726
• 4022714
• 4022724
• 4022727
• 4022715
• 4025342
• 4025339
• 4034668
• 4034674
• 4034681
• 4034658
• 4034660
• 4022725
• 4022717
• 4022718
• 4034666
• 4034665
• 4034672

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com