Symantec product detections for Microsoft monthly Security Bulletins - March 2017
Article ID: 164820
Updated On:
Products
Endpoint Protection
Issue/Introduction
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Resolution
| ID and Rating | CAN/CVE ID: CVE-2017-0018 BID: N/A Microsoft ID: MS17-017 MSKB: KB0000000 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Adobe Flash Player |
| Vulnerability Affects | CVE information can be found in Adobe Security Bulletin |
| Details | CVE information can be found in Adobe Security Bulletin |
| Intrusion Protection System (IPS) Response | Sig ID: Under Review |
| Other Detections | AV: Under Review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0023 BID: 96075 Microsoft ID: MS17-009 MSKB: KB4010319 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Windows PDF Library Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Edge Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0010 BID: 96059 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0023 BID: 96075 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1511 for 32-bit Systems Windows 10 Version 1511 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0015 BID: 96079 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0032 BID: 96080 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0034 BID: 96786 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0035 BID: 96082 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0037 BID: 96088 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0070 BID: 96690 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0067 BID: 96662 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0071 BID: 96681 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0132 BID: 96686 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0094 BID: 96682 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0133 BID: 96683 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0134 BID: 96687 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0136 BID: 96688 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0137 BID: 96689 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0138 BID: 96684 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0150 BID: 96725 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0141 BID: 96685 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0151 BID: 96727 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0037 BID: 96088 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Edge |
| Details | A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0018 BID: 96086 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 |
| Details | A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0040 BID: 96094 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 |
| Details | A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0130 BID: 96647 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 |
| Details | A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0149 BID: 96724 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 |
| Details | A remote code execution vulnerability exists when Microsoft Browsers improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0154 BID: 96766 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Critical |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Elevation of Priveledge (EOP) |
| Vulnerability Affects | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 |
| Details | An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. The update addresses the vulnerability by helping to ensure that cross-domain policies are properly enforced in Internet Explorer. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0014 BID: 96713 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console |
| Details | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0108 BID: 96722 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Graphics Component Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console |
| Details | A remote code execution vulnerability exists due to the way the Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0083 BID: 96608 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0072 BID: 96599 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0084 BID: 96610 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0086 BID: 96603 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0087 BID: 96604 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0088 BID: 96605 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0089 BID: 96606 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0090 BID: 96607 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists in Windows due to the way Windows Uniscribe handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0104 BID: 96697 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Microsoft Windows Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows Server 2012 R2 |
| Details | A remote code execution vulnerability exists in Windows when the iSNS Server service fails to properly validate input from the client. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SYSTEM account. An attacker could exploit the vulnerability by creating a specially crafted application to connect to the iSNS Server and then issue malicious requests to it. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0021 BID: 96020 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows Hyper-V Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0075 BID: 96698 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows Hyper-V Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Vista Service Pack 2 |
| Details | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0109 BID: 96644 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows Hyper-V Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0144 BID: 96704 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows SMB Server Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 |
| Details | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server. |
| Intrusion Protection System (IPS) Response |
Sig ID: 30010 (OS Attack: Microsoft Windows SMB RCE CVE-2017-0144) 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0143 BID: 96703 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows SMB Server Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 |
| Details | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server. |
| Intrusion Protection System (IPS) Response |
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0145 BID: 96705 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows SMB Server Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 |
| Details | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server. |
| Intrusion Protection System (IPS) Response |
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0146 BID: 96707 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows SMB Server Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 |
| Details | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server. |
| Intrusion Protection System (IPS) Response |
Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2) 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0148 BID: 96706 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Critical |
| Vulnerability Type | Security Update for Windows SMB Server Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 |
| Details | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could gain code execution on the target server. |
| Intrusion Protection System (IPS) Response |
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0045 BID: 96103 Microsoft ID: MS17-020 MSKB: KB3208223 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows DVD Maker Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 |
| Details | An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0042 BID: 96098 Microsoft ID: MS17-021 MSKB: KB4010318 Microsoft Rating: Important |
| Vulnerability Type | Security Update for DirectShow Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: Under review |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0043 BID: 96628 Microsoft ID: MS17-019 MSKB: KB4010320 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Active Directory Federation Services Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows Server 2012 R2 |
| Details | An information disclosure vulnerability exists when Windows ADFS honors XML External Entities. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To exploit this condition, an authenticated attacker would need to send a specially crafted request to the ADFS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0022 BID: 96069 Microsoft ID: MS17-022 MSKB: KB4010321 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft XML Core Services Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems |
| Details | An information disclosure vulnerability exists when Microsoft XML Core Services (MSXML) improperly handles objects in memory. An attacker who successfully exploit this vulnerability could allow the attacker to test for the presence of files on disk. |
| Intrusion Protection System (IPS) Response | Sig ID: Under review |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0009 BID: 96077 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Information Disclosure |
| Vulnerability Affects | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0011 BID: 96064 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Information Disclosure |
| Vulnerability Affects | Microsoft Edge |
| Details | An information disclosure vulnerability exists when Microsoft Edge improperly handles the referrer policy. An attacker who successfully exploit this issue could gain information about the request context or browsing history of a user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0012 BID: 96085 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Spoofing |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Edge |
| Details | A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0017 BID: 96078 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Information Disclosure |
| Vulnerability Affects | Microsoft Edge |
| Details | An information disclosure vulnerability exists when Microsoft Edge improperly handles the referrer policy. An attacker who successfully exploit this issue could gain information about the request context or browsing history of a user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0033 BID: 96087 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Spoofing |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Edge |
| Details | A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services. |
| Intrusion Protection System (IPS) Response | Sig ID: Under review |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0065 BID: 96648 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Information Disclosure |
| Vulnerability Affects | Microsoft Edge |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0066 BID: 96655 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Security Feature Bypass |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0068 BID: 96649 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Information Disclosure |
| Vulnerability Affects | Microsoft Edge |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0069 BID: 96650 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Spoofing |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0131 BID: 96671 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Remote Code Execution (RCE) |
| Vulnerability Affects | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Details | Microsoft Edge |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0140 BID: 96653 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Security Feature Bypass |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0008 BID: 96073 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Information Disclosure |
| Vulnerability Affects | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0009 BID: 96077 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Information Disclosure |
| Vulnerability Affects | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Edge |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0012 BID: 96085 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Spoofing |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Edge |
| Details | A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0033 BID: 96087 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Spoofing |
| Vulnerability Affects | Microsoft Internet Explorer 11 Microsoft Edge |
| Details | A spoofing vulnerability exists because it fails to properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0049 BID: 96095 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Information Disclosure |
| Vulnerability Affects | Microsoft Internet Explorer 11 |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0059 BID: 96645 Microsoft ID: MS17-006 MSKB: KB4013073 Microsoft Rating: Important |
| Vulnerability Type | Cumulative Security Update for Internet Explorer Information Disclosure |
| Vulnerability Affects | Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 |
| Details | An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploit this issue could obtain information to further compromise a target system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0001 BID: 96057 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0055 BID: 96622 Microsoft ID: MS17-016 MSKB: KB4013074 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Internet Information Services Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 |
| Details | A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP3] IIS Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0005 BID: 96033 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0025 BID: 96626 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 |
| Details | A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0038 BID: 96023 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploit this issue could obtain information to further compromise the user's system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0047 BID: 96034 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0060 BID: 96713 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console |
| Details | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0061 BID: 96638 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Vista x64 Edition SP2 |
| Details | An information disclosure vulnerability exists in the way that the Color Management Module(ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR on a targeted system. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0062 BID: 96715 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2016 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2012 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console |
| Details | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0063 BID: 96643 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Vista x64 Edition SP2 |
| Details | An information disclosure vulnerability exists in the way that the Color Management Module(ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR on a targeted system. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0073 BID: 96637 Microsoft ID: MS17-013 MSKB: KB4013075 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Graphics Component Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Skype for Business Basic 2016 (32-bit) Microsoft Skype for Business Basic 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Lync Basic 2013 (32-bit) SP1 Microsoft Lync Basic 2013 (64-bit) SP1 Microsoft Lync 2010 (32-bit) Microsoft Lync 2010 (64-bit) Microsoft Lync 2010 Attendee Microsoft Live Meeting 2007 Console |
| Details | An information disclosure vulnerability exist when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0085 BID: 96652 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0091 BID: 96657 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0092 BID: 96676 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0111 BID: 96658 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0112 BID: 96659 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0113 BID: 96660 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0114 BID: 96013 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 |
| Details | A remote code execution vulnerability exists due to the way the Windows Graphics component handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0115 BID: 96663 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0116 BID: 96665 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0117 BID: 96679 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0118 BID: 96680 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0119 BID: 96666 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0120 BID: 96667 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0121 BID: 96678 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0122 BID: 96668 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0123 BID: 96669 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0124 BID: 96670 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0125 BID: 96672 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0126 BID: 96673 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0127 BID: 96674 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0128 BID: 96675 Microsoft ID: MS17-011 MSKB: KB4013076 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Uniscribe Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0007 BID: 96018 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Windows Security Feature Bypass |
| Vulnerability Affects | Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A security bypass vulnerability exists when Device Guard does not properly validate certain elements of a signed PowerShell script. An attacker who successfully exploited this vulnerability could modify the contents of a PowerShell script without invalidating the signature associated with the file. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0016 BID: 95969 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Windows Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows 8.1 Microsoft Windows 10 |
| Details | A denial of service vulnerability exists in implementations of the Microsoft Server Message Block 2.0 and 3.0 (SMBv2 & SMBv3) client. The vulnerability is due to improper handling of certain requests sent by a malicious SMB server to the client. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding until it is manually restarted. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0039 BID: 96024 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Windows Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain dynamic link library (DLL) files. An attacker who successfully exploited the vulnerability could take control of an affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0057 BID: 96695 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Windows Information Disclosure |
| Vulnerability Affects | Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists when Windows dnsclient fails to properly handle requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0100 BID: 96700 Microsoft ID: MS17-012 MSKB: KB4013078 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Windows Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2016 for x64-based Systems |
| Details | An elevation of privilege vulnerability exists in Windows when the Windows COM session moniker fails to properly enforce RunAs permissions when registering DCOM objects. An attacker who successfully exploited the vulnerability could run arbitrary code in another user’s session. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0050 BID: 96025 Microsoft ID: MS17-017 MSKB: KB4013081 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploit this issue could impersonate processes, interject cross-process communication, or interrupt system functionality. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0101 BID: 96625 Microsoft ID: MS17-017 MSKB: KB4013081 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 |
| Details | An elevation of privilege vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take complete control over the affected system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0102 BID: 96627 Microsoft ID: MS17-017 MSKB: KB4013081 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An elevation of privilege vulnerability exists when Windows fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would first need access to the target system and have the ability to copy a file to a shared folder or drive. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0103 BID: 96623 Microsoft ID: MS17-017 MSKB: KB4013081 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An elevation of privilege vulnerability exists when the Windows Kernel API improperly allows a user to access sensitive registry information. An attacker who successfully exploited the vulnerability could gain access to user account information that is not intended for the user. A locally-authenticated attacker could exploit this vulnerability by running a specially crafted application. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0051 BID: 96026 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0074 BID: 96641 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0076 BID: 96636 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0095 BID: 96699 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate virtual Server Message Block (vSMB) packet data. An attacker who successfully exploited this vulnerability could execute arbitrary code on a target operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0096 BID: 96701 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. Customers who have not enabled the Hyper-V role are not affected. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0097 BID: 96639 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Details | Microsoft Windows Vista Service Pack 2​ Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0098 BID: 96642 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0099 BID: 96640 Microsoft ID: MS17-008 MSKB: KB4013082 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Hyper-V Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Windows Vista SP2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0024 BID: 96029 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0026 BID: 96032 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0056 BID: 96630 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0078 BID: 96631 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0079 BID: 96632 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0080 BID: 96633 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0081 BID: 96634 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0082 BID: 96635 Microsoft ID: MS17-018 MSKB: KB4013083 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows Kernel-Mode Drivers Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems |
| Details | A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploit this issue could run arbitrary code in kernel mode. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0006 BID: 96740 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Word 2007 Service Pack 3 Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Viewer Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions) Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (64-bit editions) |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0019 BID: 96042 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0020 BID: 96050 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2016 for Mac Microsoft Office Web Apps 2013 SP1 |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0027 BID: 96043 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Information Disclosure |
| Vulnerability Affects | Microsoft Excel 2007 SP3 Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel for Mac 2011 Microsoft Excel 2016 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Services on Microsoft SharePoint Server 2010 Service Pack 2 Microsoft Excel Services on Microsoft SharePoint Server 2013 Service Pack 1 |
| Details | An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0029 BID: 96045 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Denial of Service |
| Vulnerability Affects | Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 for Mac |
| Details | A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0030 BID: 96051 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Word 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word for Mac 2011 Microsoft Office Compatibility Pack Service Pack 3 Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2 Microsoft Office Web Apps 2010 SP2 |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0031 BID: 96052 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Word 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word for Mac 2011 Microsoft Office Compatibility Pack Service Pack 3 |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0052 BID: 96741 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Office Compatibility Pack Service Pack 3 Microsoft Excel Viewer Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions) Microsoft Excel Services on Microsoft SharePoint Server 2007 Service Pack 3 (64-bit editions) Microsoft Excel 2007 SP3 |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0053 BID: 96745 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Remote Code Execution (RCE) |
| Vulnerability Affects | Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) |
| Details | A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0105 BID: 96746 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Information Disclosure |
| Vulnerability Affects | Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2016 for Mac |
| Details | An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0107 BID: 96748 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Cross Site Scripting (XSS) |
| Vulnerability Affects | Microsoft SharePoint Foundation 2013 SP1 |
| Details | n elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0110 BID: 96621 Microsoft ID: MS17-015 MSKB: KB4013242 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Exchange Server Elevation of Priviledge (EOP) |
| Vulnerability Affects | Microsoft Exchange Server 2013 SP1 Microsoft Exchange Server 2013 Cumulative Update 3 Microsoft Exchange Server 2013 Cumulative Update 14 |
| Details | An elevation of privilege vulnerability exists in the way that Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. To exploit the vulnerability, an attacker who successfully exploited this vulnerability could, perform script/content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could exploit the vulnerabilities by sending a specially crafted email, containing a malicious link, to a user. Alternatively, an attacker could use a chat client to social engineer a user into clicking on the malicious link. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP5] Specific Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0147 BID: 96709 Microsoft ID: MS17-010 MSKB: KB4013389 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Windows SMB Server Information Disclosure |
| Vulnerability Affects | Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Server 2016 for x64-based Systems |
| Details | An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) service handles certain requests. An attacker who successfully exploited this vulnerability could run arbitrary code that could lead to an information disclosure. |
| Intrusion Protection System (IPS) Response |
Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2) 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3) 22534 (System Infected: Malicious Payload Activity 9) 23737 (Attack: Shellcode Download Activity) 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution) 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
| Other Detections | AV: N/A Data Center Security: [SCSPBP2] Generic Windows Service Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0029 BID: 96045 Microsoft ID: MS17-007 MSKB: KB3217868 Microsoft Rating: Moderate |
| Vulnerability Type | Security Update for Microsoft Office Denial of Service (DOS) |
| Vulnerability Affects | Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 for Mac |
| Details | A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
| ID and Rating | CAN/CVE ID: CVE-2017-0135 BID: 96656 Microsoft ID: MS17-007 MSKB: KB4013071 Microsoft Rating: Moderate |
| Vulnerability Type | Cumulative Security Update for Microsoft Edge Security Feature Bypass |
| Vulnerability Affects | Microsoft Edge |
| Details | A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
| ID and Rating | CAN/CVE ID: CVE-2017-0129 BID: 96752 Microsoft ID: MS17-014 MSKB: KB4013241 Microsoft Rating: Important |
| Vulnerability Type | Security Update for Microsoft Office Security Feature Bypass |
| Vulnerability Affects | Microsoft Lync for Mac 2011 |
| Details | A security feature bypass exists when the Lync for Mac 2011 client fails to properly validate certificates. An attacker who successfully exploited this vulnerability could tamper with trusted communications between the server and target client. |
| Intrusion Protection System (IPS) Response | Sig ID: N/A |
| Other Detections | AV: N/A Data Center Security: N/A |
Feedback
Yes
No
Powered by
