Symantec product detections for Microsoft monthly Security Bulletins - March 2017
search cancel

Symantec product detections for Microsoft monthly Security Bulletins - March 2017

book

Article ID: 164820

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology 

Resolution

ID and Rating CAN/CVE ID: CVE-2017-0018
BID: N/A
Microsoft ID: MS17-017
MSKB: KB0000000
Microsoft Rating: Critical
Vulnerability Type Security Update for Adobe Flash Player
Vulnerability Affects CVE information can be found in Adobe Security Bulletin
Details CVE information can be found in Adobe Security Bulletin
Intrusion Protection System (IPS) Response Sig ID: Under Review
Other Detections AV: Under Review
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0023
BID: 96075
Microsoft ID: MS17-009
MSKB: KB4010319
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Windows PDF Library
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Edge Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0010
BID: 96059
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0023
BID: 96075
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Windows 10 for 32-bit Systems 
Windows 10 for x64-based Systems 
Windows 10 Version 1511 for 32-bit Systems 
Windows 10 Version 1511 for x64-based Systems 
Windows 10 Version 1607 for 32-bit Systems 
Windows 10 Version 1607 for x64-based Systems 
Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
 
ID and Rating CAN/CVE ID: CVE-2017-0015
BID: 96079
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: Under review
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0032
BID: 96080
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0034
BID: 96786
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0035
BID: 96082
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0037
BID: 96088
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0070
BID: 96690
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details  A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0067
BID: 96662
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0071
BID: 96681
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0132
BID: 96686
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0094
BID:  96682
Microsoft ID: MS17-007

MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0133
BID: 96683
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0134
BID: 96687
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0136
BID: 96688
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0137
BID: 96689
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0138
BID: 96684
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0150
BID: 96725
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0141
BID: 96685
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0151
BID: 96727
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A

 

ID and Rating CAN/CVE ID: CVE-2017-0037
BID: 96088
Microsoft ID: MS17-006

MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Edge
Details A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0018
BID: 96086
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Internet Explorer 10
Details A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0040
BID: 96094
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
Details A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0130
BID: 96647
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11
Details A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0149
BID: 96724
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
Details A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0154
BID: 96766
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Critical
Vulnerability Type Cumulative Security Update for Internet Explorer
Elevation of Priveledge (EOP)
Vulnerability Affects Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
Details An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. The update addresses the vulnerability by helping to ensure that cross-domain policies are properly enforced in Internet Explorer.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0014
BID: 96713
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console
Details An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0108
BID: 96722
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Graphics Component
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console
Details A remote code execution vulnerability exists due to the way the Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0083
BID: 96608
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0072
BID: 96599
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0084
BID: 96610
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0086
BID: 96603
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0087
BID: 96604
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details  A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0088
BID:  96605
Microsoft ID: MS17-011

MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0089
BID: 96606
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0090
BID: 96607
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0104
BID: 96697
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Critical
Vulnerability Type Security Update for Microsoft Windows
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows Server 2012 R2
Details A remote code execution vulnerability exists in Windows when the iSNS Server service fails to properly validate input from the client. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SYSTEM account. An attacker could exploit the vulnerability by creating a specially crafted application to connect to the iSNS Server and then issue malicious requests to it.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0021
BID: 96020
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows Hyper-V
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0075
BID: 96698
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows Hyper-V
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Vista Service Pack 2
Details A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0109
BID: 96644
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows Hyper-V
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A

 

ID and Rating CAN/CVE ID: CVE-2017-0144
BID: 96704
Microsoft ID: MS17-010
MSKB: KB4013389
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows SMB Server
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2
Details A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server.
Intrusion Protection System (IPS) Response

Sig ID: 30010 (OS Attack: Microsoft Windows SMB RCE CVE-2017-0144)

21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0143
BID: 96703
Microsoft ID: MS17-010
MSKB: KB4013389
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows SMB Server
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2
Details A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server.
Intrusion Protection System (IPS) Response

Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0145
BID: 96705
Microsoft ID: MS17-010
MSKB: KB4013389
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows SMB Server
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2
Details A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server.
Intrusion Protection System (IPS) Response

Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0146
BID: 96707
Microsoft ID: MS17-010

MSKB: KB4013389
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows SMB Server
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2
Details A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server.
Intrusion Protection System (IPS) Response

Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2)

21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0148
BID: 96706
Microsoft ID: MS17-010
MSKB: KB4013389
Microsoft Rating: Critical
Vulnerability Type Security Update for Windows SMB Server
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2
Details A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server.
Intrusion Protection System (IPS) Response

Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0045
BID: 96103
Microsoft ID: MS17-020
MSKB: KB3208223
Microsoft Rating: Important
Vulnerability Type Security Update for Windows DVD Maker
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1
Details An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A

 

ID and Rating CAN/CVE ID: CVE-2017-0042
BID: 96098
Microsoft ID: MS17-021
MSKB: KB4010318
Microsoft Rating: Important
Vulnerability Type Security Update for DirectShow
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: Under review
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0043
BID: 96628
Microsoft ID: MS17-019
MSKB: KB4010320
Microsoft Rating: Important
Vulnerability Type Security Update for Active Directory Federation Services
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows Server 2012 R2
Details An information disclosure vulnerability exists when Windows ADFS honors XML External Entities. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To exploit this condition, an authenticated attacker would need to send a specially crafted request to the ADFS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0022
BID: 96069
Microsoft ID: MS17-022
MSKB: KB4010321
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft XML Core Services
Information Disclosure
Vulnerability Affects Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems
Details An information disclosure vulnerability exists when Microsoft XML Core Services (MSXML) improperly handles objects in memory. An attacker who successfully exploit this vulnerability could allow the attacker to test for the presence of files on disk.
Intrusion Protection System (IPS) Response Sig ID: Under review
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0009
BID: 96077
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Information Disclosure
Vulnerability Affects Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0011
BID: 96064
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Information Disclosure
Vulnerability Affects Microsoft Edge
Details An information disclosure vulnerability exists when Microsoft Edge improperly handles the referrer policy. An attacker who successfully exploit this issue could gain information about the request context or browsing history of a user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0012
BID: 96085
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Spoofing
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Edge
Details A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0017
BID: 96078
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Information Disclosure
Vulnerability Affects Microsoft Edge
Details An information disclosure vulnerability exists when Microsoft Edge improperly handles the referrer policy. An attacker who successfully exploit this issue could gain information about the request context or browsing history of a user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0033
BID: 96087
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Spoofing
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Edge
Details A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.
Intrusion Protection System (IPS) Response Sig ID: Under review
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0065
BID: 96648
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Information Disclosure
Vulnerability Affects Microsoft Edge
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0066
BID:  96655
Microsoft ID: MS17-007

MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Security Feature Bypass
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0068
BID: 96649
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Information Disclosure
Vulnerability Affects Microsoft Edge
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0069
BID: 96650
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Spoofing
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0131
BID: 96671
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Remote Code Execution (RCE)
Vulnerability Affects A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Details Microsoft Edge
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0140
BID: 96653
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Microsoft Edge
Security Feature Bypass
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0008
BID: 96073
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Information Disclosure
Vulnerability Affects Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0009
BID: 96077
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Information Disclosure
Vulnerability Affects Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Edge
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0012
BID: 96085
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Spoofing
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Edge
Details A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0033
BID: 96087
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Spoofing
Vulnerability Affects Microsoft Internet Explorer 11 Microsoft Edge
Details A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0049
BID: 96095
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Information Disclosure
Vulnerability Affects Microsoft Internet Explorer 11
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0059
BID: 96645
Microsoft ID: MS17-006
MSKB: KB4013073
Microsoft Rating: Important
Vulnerability Type Cumulative Security Update for Internet Explorer
Information Disclosure
Vulnerability Affects Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9
Details An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A

 

ID and Rating CAN/CVE ID: CVE-2017-0001
BID:  96057
Microsoft ID: MS17-013

MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems
Details A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0055
BID: 96622
Microsoft ID: MS17-016
MSKB: KB4013074
Microsoft Rating: Important
Vulnerability Type Security Update for Internet Information Services
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2
Details A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take control of an affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP3] IIS Protection

 

ID and Rating CAN/CVE ID: CVE-2017-0005
BID: 96033
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems
Details A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0025
BID: 96626
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1
Details A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0038
BID: 96023
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploit this issue could obtain information to further compromise the user's system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0047
BID: 96034
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems
Details A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0060
BID: 96713
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console
Details An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0061
BID: 96638
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Vista x64 Edition SP2
Details An information disclosure vulnerability exists in the way that the Color Management Module(ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR on a targeted system. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0062
BID: 96715
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console
Details An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0063
BID: 96643
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Vista x64 Edition SP2
Details An information disclosure vulnerability exists in the way that the Color Management Module(ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR on a targeted system. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0073
BID: 96637
Microsoft ID: MS17-013
MSKB: KB4013075
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Graphics Component
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console
Details An information disclosure vulnerability exist when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0085
BID: 96652
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0091
BID: 96657
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0092
BID: 96676
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0111
BID:  96658
Microsoft ID: MS17-011

MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0112
BID: 96659
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0113
BID: 96660
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0114
BID: 96013
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2
Details A remote code execution vulnerability exists due to the way the Windows Graphics component handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0115
BID: 96663
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0116
BID: 96665
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0117
BID: 96679
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0118
BID: 96680
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0119
BID: 96666
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0120
BID: 96667
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0121
BID: 96678
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0122
BID: 96668
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0123
BID: 96669
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0124
BID:  96670
Microsoft ID: MS17-011

MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0125
BID: 96672
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0126
BID: 96673
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0127
BID: 96674
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0128
BID: 96675
Microsoft ID: MS17-011
MSKB: KB4013076
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Uniscribe
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0007
BID: 96018
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Windows
Security Feature Bypass
Vulnerability Affects Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A security bypass vulnerability exists when Device Guard does not properly validate certain elements of a signed PowerShell script. An attacker who successfully exploited this vulnerability could modify the contents of a PowerShell script without invalidating the signature associated with the file.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0016
BID: 95969
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Windows
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows 8.1 Microsoft Windows 10
Details A denial of service vulnerability exists in implementations of the Microsoft Server Message Block 2.0 and 3.0 (SMBv2 & SMBv3) client. The vulnerability is due to improper handling of certain requests sent by a malicious SMB server to the client. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding until it is manually restarted.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0039
BID: 96024
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Windows
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain dynamic link library (DLL) files. An attacker who successfully exploited the vulnerability could take control of an affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0057
BID: 96695
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Windows
Information Disclosure
Vulnerability Affects Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists when Windows dnsclient fails to properly handle requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0100
BID: 96700
Microsoft ID: MS17-012
MSKB: KB4013078
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Windows
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2016 for x64-based Systems
Details An elevation of privilege vulnerability exists in Windows when the Windows COM session moniker fails to properly enforce RunAs permissions when registering DCOM objects. An attacker who successfully exploited the vulnerability could run arbitrary code in another user’s session.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0050
BID: 96025
Microsoft ID: MS17-017
MSKB: KB4013081
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploit this issue could impersonate processes, interject cross-process communication, or interrupt system functionality.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0101
BID: 96625
Microsoft ID: MS17-017
MSKB: KB4013081
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Details An elevation of privilege vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take complete control over the affected system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0102
BID: 96627
Microsoft ID: MS17-017
MSKB: KB4013081
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An elevation of privilege vulnerability exists when Windows fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would first need access to the target system and have the ability to copy a file to a shared folder or drive.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0103
BID:  96623
Microsoft ID: MS17-017

MSKB: KB4013081
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An elevation of privilege vulnerability exists when the Windows Kernel API improperly allows a user to access sensitive registry information. An attacker who successfully exploited the vulnerability could gain access to user account information that is not intended for the user. A locally-authenticated attacker could exploit this vulnerability by running a specially crafted application.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0051
BID: 96026
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0074
BID: 96641
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0076
BID: 96636
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0095
BID: 96699
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0096
BID: 96701
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. Customers who have not enabled the Hyper-V role are not affected.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0097
BID: 96639
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Details Microsoft Windows Vista Service Pack 2‚Äč Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0098
BID: 96642
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0099
BID: 96640
Microsoft ID: MS17-008
MSKB: KB4013082
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Hyper-V
Denial of Service (DOS)
Vulnerability Affects Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0024
BID: 96029
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0026
BID: 96032
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0056
BID: 96630
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0078
BID: 96631
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0079
BID:  96632
Microsoft ID: MS17-018

MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0080
BID: 96633
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0081
BID: 96634
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0082
BID: 96635
Microsoft ID: MS17-018
MSKB: KB4013083
Microsoft Rating: Important
Vulnerability Type Security Update for Windows Kernel-Mode Drivers
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems
Details A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0006
BID: 96740
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Word 2007 Service Pack 3 Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Viewer Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions) Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (64-bit editions)
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0019
BID: 96042
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition)
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0020
BID: 96050
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2016 for Mac Microsoft Office Web Apps 2013 SP1
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0027
BID: 96043
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Information Disclosure
Vulnerability Affects Microsoft Excel 2007 SP3 Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel for Mac 2011 Microsoft Excel 2016 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Services on Microsoft SharePoint Server 2010 Service Pack 2 Microsoft Excel Services on Microsoft SharePoint Server 2013 Service Pack 1
Details An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0029
BID: 96045
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Denial of Service
Vulnerability Affects Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 for Mac
Details A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0030
BID: 96051
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Word 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word for Mac 2011 Microsoft Office Compatibility Pack Service Pack 3 Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2 Microsoft Office Web Apps 2010 SP2
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0031
BID: 96052
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Word 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word for Mac 2011 Microsoft Office Compatibility Pack Service Pack 3
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0052
BID: 96741
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Viewer Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions) Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (64-bit editions) Microsoft Excel 2007 SP3
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0053
BID: 96745
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Remote Code Execution (RCE)
Vulnerability Affects Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition)
Details A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0105
BID:  96746
Microsoft ID: MS17-014

MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Information Disclosure
Vulnerability Affects Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2016 for Mac
Details An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0107
BID: 96748
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Cross Site Scripting (XSS)
Vulnerability Affects Microsoft SharePoint Foundation 2013 SP1
Details n elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0110
BID: 96621
Microsoft ID: MS17-015
MSKB: KB4013242
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Exchange Server
Elevation of Priviledge (EOP)
Vulnerability Affects Microsoft Exchange Server 2013 SP1 Microsoft Exchange Server 2013 Cumulative Update 3 Microsoft Exchange Server 2013 Cumulative Update 14
Details An elevation of privilege vulnerability exists in the way that Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. To exploit the vulnerability, an attacker who successfully exploited this vulnerability could, perform script/content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could exploit the vulnerabilities by sending a specially crafted email, containing a malicious link, to a user. Alternatively, an attacker could use a chat client to social engineer a user into clicking on the malicious link.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP5] Specific Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0147
BID: 96709
Microsoft ID: MS17-010
MSKB: KB4013389
Microsoft Rating: Important
Vulnerability Type Security Update for Windows SMB Server
Information Disclosure
Vulnerability Affects Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2016 for x64-based Systems
Details An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could run arbitrary code that could lead to an information disclosure.
Intrusion Protection System (IPS) Response

Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2)

21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)

22534 (System Infected: Malicious Payload Activity 9)

23737 (Attack: Shellcode Download Activity)

23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)

23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt)

Other Detections AV: N/A
Data Center Security: [SCSPBP2] Generic Windows Service Protection
ID and Rating CAN/CVE ID: CVE-2017-0029
BID: 96045
Microsoft ID: MS17-007
MSKB: KB3217868
Microsoft Rating: Moderate
Vulnerability Type Security Update for Microsoft Office
Denial of Service (DOS)
Vulnerability Affects Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 for Mac
Details A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A
ID and Rating CAN/CVE ID: CVE-2017-0135
BID: 96656
Microsoft ID: MS17-007
MSKB: KB4013071
Microsoft Rating: Moderate
Vulnerability Type Cumulative Security Update for Microsoft Edge
Security Feature Bypass
Vulnerability Affects Microsoft Edge
Details A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
ID and Rating CAN/CVE ID: CVE-2017-0129
BID: 96752
Microsoft ID: MS17-014
MSKB: KB4013241
Microsoft Rating: Important
Vulnerability Type Security Update for Microsoft Office
Security Feature Bypass
Vulnerability Affects Microsoft Lync for Mac 2011
Details A security feature bypass exists when the Lync for Mac 2011 client fails to properly validate certificates. An attacker who successfully exploited this vulnerability could tamper with trusted communications between the server and target client.
Intrusion Protection System (IPS) Response Sig ID: N/A
Other Detections AV: N/A
Data Center Security: N/A