Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Graphics Component can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
- A remote code execution vulnerability in Windows Uniscribe can be exploited remotely via specially crafted website to execute arbitrary code.
- An elevation of privilege vulnerability in Windows COM Session can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Transaction Manager can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows SMB can be exploited remotely via specially crafted packet to execute arbitrary code.
- A memory corruption vulnerability in iSNS Server can be exploited remotely via specially crafted application to execute arbitrary code.
- An information disclosure vulnerability in Microsoft XML Core Services can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows GDI can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows Uniscribe can be exploited remotely via specially crafted document to obtain sensitive information.
- An information disclosure vulnerability in Windows SMB can be exploited remotely via specially crafted packet to obtain sensitive information.
- An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in The Color Management Module (ICM32.dll) can be exploited remotely via specially crafted webpage to obtain sensitive information.
- An information disclosure vulnerability in Windows Active Directory Federation Services can be exploited remotely via specially crafted request to obtain sensitive information.
- An information disclosure vulnerability in Windows DirectShow can be exploited remotely via specially crafted content to obtain sensitive information.
- A information disclosure vulnerability in Windows DVD Maker can be exploited remotely via specially crafted to obtain sensitive information.
- A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
- A denial of service vulnerability in Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Windows DLL Loading can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Microsoft IIS Server XSS can be exploited remotely via specially crafted request to gain privileges.
- An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows Uniscribe can be exploited remotely via specially crafted website to obtain sensitive information.
Первичный источник обнаружения
- CVE-2017-0108
CVE-2017-0109
CVE-2017-0072
CVE-2017-0100
CVE-2017-0101
CVE-2017-0102
CVE-2017-0143
CVE-2017-0104
CVE-2017-0022
CVE-2017-0001
CVE-2017-0145
CVE-2017-0120
CVE-2017-0147
CVE-2017-0005
CVE-2017-0127
CVE-2017-0124
CVE-2017-0125
CVE-2017-0009
CVE-2017-0008
CVE-2017-0047
CVE-2017-0060
CVE-2017-0148
CVE-2017-0061
CVE-2017-0043
CVE-2017-0042
CVE-2017-0045
CVE-2017-0119
CVE-2017-0062
CVE-2017-0149
CVE-2017-0099
CVE-2017-0144
CVE-2017-0040
CVE-2017-0090
CVE-2017-0091
CVE-2017-0096
CVE-2017-0097
CVE-2017-0038
CVE-2017-0039
CVE-2017-0103
CVE-2017-0063
CVE-2017-0118
CVE-2017-0117
CVE-2017-0116
CVE-2017-0115
CVE-2017-0114
CVE-2017-0113
CVE-2017-0112
CVE-2017-0111
CVE-2017-0092
CVE-2017-0076
CVE-2017-0014
CVE-2017-0059
CVE-2017-0056
CVE-2017-0055
CVE-2017-0050
CVE-2017-0123
CVE-2017-0122
CVE-2017-0073
CVE-2017-0075
CVE-2017-0025
CVE-2017-0146
CVE-2017-0128
CVE-2017-0089
CVE-2017-0088
CVE-2017-0121
CVE-2017-0130
CVE-2017-0126
CVE-2017-0083
CVE-2017-0085
CVE-2017-0084
CVE-2017-0087
CVE-2017-0086
Эксплуатация
This vulnerability can be exploited by the following malware:
https://threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/
https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/
Public exploits exist for this vulnerability.
Связанные продукты
- Microsoft-Internet-Explorer
- Microsoft-Silverlight
- Microsoft-Lync
- Microsoft-Office
- Microsoft-Lync-2010-Attendee
- Microsoft-Word
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Vista-2
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-XML-Core-Services
- Microsoft-Windows-10
- Microsoft-Edge
Список CVE
- CVE-2017-0042 warning
- CVE-2017-0096 warning
- CVE-2017-0097 high
- CVE-2017-0099 high
- CVE-2017-0109 critical
- CVE-2017-0075 critical
- CVE-2017-0076 high
- CVE-2017-0055 high
- CVE-2017-0102 critical
- CVE-2017-0103 high
- CVE-2017-0101 critical
- CVE-2017-0050 critical
- CVE-2017-0056 critical
- CVE-2017-0043 high
- CVE-2017-0045 high
- CVE-2017-0022 warning
- CVE-2017-0143 critical
- CVE-2017-0144 critical
- CVE-2017-0145 critical
- CVE-2017-0146 critical
- CVE-2017-0147 high
- CVE-2017-0148 critical
- CVE-2017-0014 critical
- CVE-2017-0060 high
- CVE-2017-0061 high
- CVE-2017-0062 warning
- CVE-2017-0063 high
- CVE-2017-0025 critical
- CVE-2017-0073 warning
- CVE-2017-0108 critical
- CVE-2017-0038 high
- CVE-2017-0001 critical
- CVE-2017-0005 high
- CVE-2017-0047 critical
- CVE-2017-0072 critical
- CVE-2017-0083 critical
- CVE-2017-0084 critical
- CVE-2017-0085 warning
- CVE-2017-0086 critical
- CVE-2017-0087 critical
- CVE-2017-0088 critical
- CVE-2017-0089 critical
- CVE-2017-0090 critical
- CVE-2017-0091 warning
- CVE-2017-0092 warning
- CVE-2017-0111 warning
- CVE-2017-0112 warning
- CVE-2017-0113 warning
- CVE-2017-0114 warning
- CVE-2017-0115 warning
- CVE-2017-0116 warning
- CVE-2017-0117 warning
- CVE-2017-0118 warning
- CVE-2017-0119 warning
- CVE-2017-0120 warning
- CVE-2017-0121 warning
- CVE-2017-0122 warning
- CVE-2017-0123 warning
- CVE-2017-0124 warning
- CVE-2017-0125 warning
- CVE-2017-0126 warning
- CVE-2017-0127 warning
- CVE-2017-0128 warning
- CVE-2017-0009 warning
- CVE-2017-0059 warning
- CVE-2017-0130 critical
- CVE-2017-0149 critical
- CVE-2017-0008 warning
- CVE-2017-0040 critical
- CVE-2017-0100 critical
- CVE-2017-0104 critical
- CVE-2017-0039 critical
Список KB
- 4012204
- 4012215
- 3211306
- 4012212
- 4012598
- 4012583
- 3217587
- 4012021
- 4012373
- 4012497
- 4017018
- 4012584
- 3218362
- 4011981
- 3217882
- 3214051
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!