Дата обнаружения
|
14/03/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities:
|
Эксплуатация
|
This vulnerability can be exploited by the following malware: https://threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/ https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/ The following public exploits exists for this vulnerability: https://github.com/NetJBS/CVE-2017-0055-PoC https://www.exploit-db.com/exploits/41645 https://www.exploit-db.com/exploits/44479 https://www.exploit-db.com/exploits/41619 https://www.exploit-db.com/exploits/43970 https://www.exploit-db.com/exploits/41891 https://github.com/c1ph3rm4st3r/MS17-010_CVE-2017-0143 https://github.com/crypticdante/MS17-010_CVE-2017-0143 https://www.exploit-db.com/exploits/42031 https://www.exploit-db.com/exploits/42030 https://www.exploit-db.com/exploits/41987 https://threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/ https://www.exploit-db.com/exploits/43970 https://www.exploit-db.com/exploits/43970 https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/ https://www.exploit-db.com/exploits/41987 https://www.exploit-db.com/exploits/41656 https://www.exploit-db.com/exploits/41657 https://www.exploit-db.com/exploits/41658 https://www.exploit-db.com/exploits/41659 https://www.exploit-db.com/exploits/41647 https://github.com/homjxi0e/CVE-2017-0108 https://www.exploit-db.com/exploits/41363 https://www.exploit-db.com/exploits/41654 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41648 https://www.exploit-db.com/exploits/41646 https://www.exploit-db.com/exploits/41649 https://www.exploit-db.com/exploits/41650 https://www.exploit-db.com/exploits/41651 https://www.exploit-db.com/exploits/41652 https://www.exploit-db.com/exploits/41653 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/41655 https://www.exploit-db.com/exploits/43125 |
Пораженные продукты
|
Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based) |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2017-0108 CVE-2017-0109 CVE-2017-0072 CVE-2017-0100 CVE-2017-0101 CVE-2017-0102 CVE-2017-0143 CVE-2017-0104 CVE-2017-0022 CVE-2017-0001 CVE-2017-0145 CVE-2017-0120 CVE-2017-0147 CVE-2017-0005 CVE-2017-0127 CVE-2017-0124 CVE-2017-0125 CVE-2017-0009 CVE-2017-0008 CVE-2017-0047 CVE-2017-0060 CVE-2017-0148 CVE-2017-0061 CVE-2017-0043 CVE-2017-0042 CVE-2017-0045 CVE-2017-0119 CVE-2017-0062 CVE-2017-0149 CVE-2017-0099 CVE-2017-0144 CVE-2017-0040 CVE-2017-0090 CVE-2017-0091 CVE-2017-0096 CVE-2017-0097 CVE-2017-0038 CVE-2017-0039 CVE-2017-0103 CVE-2017-0063 CVE-2017-0118 CVE-2017-0117 CVE-2017-0116 CVE-2017-0115 CVE-2017-0114 CVE-2017-0113 CVE-2017-0112 CVE-2017-0111 CVE-2017-0092 CVE-2017-0076 CVE-2017-0014 CVE-2017-0059 CVE-2017-0056 CVE-2017-0055 CVE-2017-0050 CVE-2017-0123 CVE-2017-0122 CVE-2017-0073 CVE-2017-0075 CVE-2017-0025 CVE-2017-0146 CVE-2017-0128 CVE-2017-0089 CVE-2017-0088 CVE-2017-0121 CVE-2017-0130 CVE-2017-0126 CVE-2017-0083 CVE-2017-0085 CVE-2017-0084 CVE-2017-0087 CVE-2017-0086 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
SB
[?]
PE
[?]
|
Связанные продукты
|
Microsoft Internet Explorer Microsoft Silverlight Microsoft Lync Microsoft Office Microsoft Lync 2010 Attendee Microsoft Word Microsoft Windows Microsoft Windows Server Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft XML Core Services Microsoft Windows 10 Microsoft Edge |
CVE-IDS
|
CVE-2017-00422.6Warning
CVE-2017-00962.3Warning CVE-2017-00972.3Warning CVE-2017-00992.3Warning CVE-2017-01097.4High CVE-2017-00757.4High CVE-2017-00762.9Warning CVE-2017-00554.3Warning CVE-2017-01024.6Warning CVE-2017-01034.4Warning CVE-2017-01016.8High CVE-2017-00507.2High CVE-2017-00567.2High CVE-2017-00432.9Warning CVE-2017-00454.3Warning CVE-2017-00224.3Warning CVE-2017-01439.3Critical CVE-2017-01449.3Critical CVE-2017-01459.3Critical CVE-2017-01469.3Critical CVE-2017-01474.3Warning CVE-2017-01489.3Critical CVE-2017-00147.6Critical CVE-2017-00602.1Warning CVE-2017-00612.6Warning CVE-2017-00621.9Warning CVE-2017-00634.3Warning CVE-2017-00257.2High CVE-2017-00734.3Warning CVE-2017-01089.3Critical CVE-2017-00384.3Warning CVE-2017-00017.2High CVE-2017-00056.9High CVE-2017-00477.2High CVE-2017-00729.3Critical CVE-2017-00839.3Critical CVE-2017-00849.3Critical CVE-2017-00854.3Warning CVE-2017-00869.3Critical CVE-2017-00879.3Critical CVE-2017-00889.3Critical CVE-2017-00899.3Critical CVE-2017-00909.3Critical CVE-2017-00914.3Warning CVE-2017-00924.3Warning CVE-2017-01114.3Warning CVE-2017-01124.3Warning CVE-2017-01134.3Warning CVE-2017-01144.3Warning CVE-2017-01154.3Warning CVE-2017-01164.3Warning CVE-2017-01174.3Warning CVE-2017-01184.3Warning CVE-2017-01194.3Warning CVE-2017-01204.3Warning CVE-2017-01214.3Warning CVE-2017-01224.3Warning CVE-2017-01234.3Warning CVE-2017-01244.3Warning CVE-2017-01254.3Warning CVE-2017-01264.3Warning CVE-2017-01274.3Warning CVE-2017-01284.3Warning CVE-2017-00094.3Warning CVE-2017-00594.3Warning CVE-2017-01307.6Critical CVE-2017-01497.6Critical CVE-2017-00084.3Warning CVE-2017-00407.6Critical CVE-2017-01004.4Warning CVE-2017-01049.3Critical CVE-2017-00399.3Critical |
KB list
|
4012204 |