Описание
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code.
Below is a complete list of vulnerabilities:
- An incorrect validating of untrusted file by Device Guard can be exploited remotely via specially crafted file to bypass security restrictions;
- A vulnerability in RPC can be exploited remotely via specially crafted application to execute arbitrary code;
- An information disclosure vulnerability in «its://» protocol handler can be exploited remotely to obtain sensitive information.
Первичный источник обнаружения
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Microsoft-Windows-10
Список CVE
- CVE-2017-11885 critical
- CVE-2017-11899 critical
- CVE-2017-11927 warning
Список KB
- 4053578
- 4053579
- 4053580
- 4053581
- 4054517
- 4054519
- 4054520
- 4054522
- 4054523
- 4103723
- 4103716
- 4103731
- 4103715
- 4103730
- 4103726
- 4103727
- 4103725
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!