Описание
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows IME can be exploited remotely via specially crafted application to execute arbitrary code.
- A remote code execution vulnerability in Windows Search can be exploited remotely via specially crafted messages to execute arbitrary code.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
- A remote code execution vulnerability in Microsoft JET Database Engine can be exploited remotely via specially crafted to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely via specially crafted application to gain privileges.
- A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
- An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Volume Manager Extension Driver can be exploited remotely via specially crafted application to obtain sensitive information.
- A denial of service vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to cause denial of service.
- A remote code execution vulnerability in Windows PDF can be exploited remotely via specially crafted website to execute arbitrary code.
- A denial of service vulnerability in Windows NetBIOS can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
- A denial of service vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
Первичный источник обнаружения
- CVE-2017-8593
CVE-2017-8591
CVE-2017-8620
CVE-2017-8664
CVE-2017-0250
CVE-2017-8633
CVE-2017-8623
CVE-2017-8622
CVE-2017-8668
CVE-2017-8627
CVE-2017-0293
CVE-2017-0174
CVE-2017-8666
CVE-2017-8673
CVE-2017-8624
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Microsoft-Windows-10
Список CVE
- CVE-2017-8593 high
- CVE-2017-8591 critical
- CVE-2017-8620 critical
- CVE-2017-8664 critical
- CVE-2017-0250 critical
- CVE-2017-8633 critical
- CVE-2017-8623 high
- CVE-2017-8622 critical
- CVE-2017-8668 high
- CVE-2017-8627 warning
- CVE-2017-0293 critical
- CVE-2017-0174 high
- CVE-2017-8666 high
- CVE-2017-8673 high
- CVE-2017-8624 critical
Список KB
- 4034668
- 4034674
- 4034681
- 4034658
- 4034660
- 4034666
- 4034665
- 4034672
- 4041689
- 4041693
- 4041687
- 4041676
- 4041690
- 4041691
- 4042895
- 4041679
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!