Symantec product detections for Microsoft monthly Security Bulletins - June 2017

book

Article ID: 169615

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: ADV170007

BID:

Microsoft Rating: Critical

Vulnerability Type

June Flash Security Update

Vulnerability Affects

See Adobe homepage

Details

See Adobe Homepage

Intrusion Protection System (IPS) Response

Sig ID:  N/A

Other Detections

AV:  N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-0291

BID: 98835

Microsoft Rating: Critical

Vulnerability Type

Windows PDF Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in Microsoft Windows if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0292

BID: 98836

Microsoft Rating: Critical

Vulnerability Type

Windows PDF Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in Microsoft Windows if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0294

BID: 98837

Microsoft Rating: Critical

Vulnerability Type

Windows Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files. To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious cabinet file disguised as a printer driver.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8461

BID: 99012

Microsoft Rating: Critical

Vulnerability Type

Windows SMB Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows

Details

A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this issue could execute code on the target system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8464

BID: 98818

Microsoft Rating: Critical

Vulnerability Type

LNK Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows RT 8.1

Details

A remote code execution exists in Microsoft Windows that could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this issue could gain the same user rights as the local user.

Intrusion Protection System (IPS) Response

Sig ID: Attack: Malicious RTF File CVE-2017-8464

Other Detections

AV: Exp.CVE-2017-8464

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8487

BID:

Microsoft Rating: Critical

Vulnerability Type

Windows olecnv32.dll Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Windows Kernel

Details

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker can exploit this issue to execute malicious code.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8496

BID: 98880

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Exp.CVE-2017-8496

Other Detections

AV: Exp.CVE-2017-8496

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8497

BID: 98882

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: MSIE CVE-2017-8497

Other Detections

AV: Exp.CVE-2017-8497

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8499

BID: 98883

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8517

BID: 98895

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8520

BID: 98924

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8522

BID: 98926

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8524

BID: 98930

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Exp.CVE-2017-8524

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8527

BID: 98933

Microsoft Rating: Critical

Vulnerability Type

Windows Graphics Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A remote code execution vulnerability exist when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8528

BID: 98949

Microsoft Rating: Critical

Vulnerability Type

Windows Uniscribe Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this issue could take control of the affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8543

BID: 98824

Microsoft Rating: Critical

Vulnerability Type

Windows Search Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows RT 8.1

Details

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this issue could take control of the affected system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8548

BID: 98954

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8549

BID: 98955

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: ADV170008

BID: N/A  See http://technet.microsoft.com/en-us/security/bulletin/ for details

Microsoft Rating: Important

Vulnerability Type

Defense-in-depth Update for Microsoft SharePoint
Tampering

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-0173

BID: 98873

Microsoft Rating: Important

Vulnerability Type

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0193

BID: 98878

Microsoft Rating: Important

Vulnerability Type

Hypervisor Code Integrity Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A privilege escalation vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels. An attacker who successfully exploited this issue could gain elevated privileges on a target guest operating system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection
 [SCSPBP5] Specific Windows Service Protection
 

 

ID and Rating

CAN/CVE ID: CVE-2017-0215

BID: 98879

Microsoft Rating: Important

Vulnerability Type

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security:  [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0216

BID: 98896

Microsoft Rating: Important

Vulnerability Type

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0218

BID: 98897

Microsoft Rating: Important

Vulnerability Type

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0219

BID: 98898

Microsoft Rating: Important

Vulnerability Type

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0260

BID: 98810

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

Details

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this issue could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0282

BID: 98885

Microsoft Rating: Important

Vulnerability Type

Windows Uniscribe Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0283

BID: 98920

Microsoft Rating: Important

Vulnerability Type

Windows Uniscribe Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016 Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office Word Viewer Microsoft Skype for Business 2016 (32-bit) Microsoft Skype for Business 2016 (64-bit) Microsoft Lync 2013 (32-bit) SP1 Microsoft Lync 2013 (64-bit) SP1 Microsoft Silverlight 5 Developer Runtime Microsoft Silverlight 5.0

Details

An information disclosure vulnerability exists when the Microsoft Graphics Component fails to properly handle objects in memory, allowing an attacker to retrieve information that could lead to an Address Space Layout Randomization (ASLR) bypass.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0284

BID: 98918

Microsoft Rating: Important

Vulnerability Type

Windows Uniscribe Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0285

BID: 98914

Microsoft Rating: Important

Vulnerability Type

Windows Uniscribe Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016 Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office Word Viewer

Details

An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0286

BID: 98891

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0287

BID: 98922

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability

Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0288

BID: 98923

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0289

BID: 98929

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0295

BID: 98904

Microsoft Rating: Important

Vulnerability Type

Windows Default Folder Tampering Vulnerability
Tampering

Vulnerability Affects

Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A tampering vulnerability exists in Microsoft Windows that could allow an authenticated attacker to modify the folder structure. An attacker who successfully exploited this issue could potentially modify files and folders that are synchronized the first time when a user logs in locally to the computer.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0296

BID: 98839

Microsoft Rating: Important

Vulnerability Type

Windows TDX Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A privilege escalation vulnerability exists when tdx. sys fails to check the length of a buffer prior to copying memory to it.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0297

BID: 98840

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited this issue could gain access to information that is not intended for the user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0298

BID: 98841

Microsoft Rating: Important

Vulnerability Type

Windows COM Session Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows Server 2016

Details

A privilege escalation exists in Windows when a DCOM object in Helppane. exe, configured to run as the interactive user, fails to properly authenticate the client.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-0299

BID: 98884

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this issue could retrieve the base address of the kernel driver from a compromised process.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-0300

BID: 98901

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this issue could retrieve the base address of the kernel driver from a compromised process.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8460

BID: 98887

Microsoft Rating: Important

Vulnerability Type

Windows PDF Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

 An information disclosure vulnerability exists in Microsoft Windows when a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could read information in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8462

BID: 98900

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this issue could retrieve the base address of the kernel driver from a compromised process.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8465

BID: 98843

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2

Details

A privilege escalation vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this issue could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8466

BID: 98844

Microsoft Rating: Important

Vulnerability Type

Windows Cursor Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2

Details

A privilege escalation vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited this issue could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8468

BID: 98846

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1

Details

A privilege escalation vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this issue could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8469

BID: 98842

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8470

BID: 98848

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8471

BID: 98849

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8472

BID: 98851

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8473

BID: 98852

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8474

BID: 98902

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

 An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8475

BID: 98853

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8476

BID: 98903

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems Microsoft Windows 7 for x64-based Systems Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8477

BID: 98854

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8478

BID: 98845

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8479

BID: 98856

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8480

BID: 98857

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8481

BID: 98862

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8482

BID: 98858

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8483

BID: 98859

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8484

BID: 98847

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8485

BID: 98860

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8488

BID: 98864

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8489

BID: 98865

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8490

BID: 98867

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8491

BID: 98869

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8492

BID: 98870

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by sending a specially crafted application.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8493

BID: 98850

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

A security bypass vulnerability exists when Microsoft Windows fails to enforce case sensitivity for certain variable checks, which could allow an attacker to set variables that are either read-only or require authentication.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8494

BID: 98855

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

Details

A privilege escalation vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8506

BID: 98811

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Details

A remote code execution vulnerability exists when Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this issue could take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8507

BID: 98827

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Details

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this issue could take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8508

BID: 98828

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Details

A security bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats. The security bypass by itself does not allow arbitrary code execution.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8509

BID: 98812

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Word for Mac 2011 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office Web Apps Server 2013 SP1 Microsoft Word 2016 for Mac Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Details

A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8510

BID: 98813

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition)

Details

 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8511

BID: 98815

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft SharePoint Server 2013 SP1 Microsoft Office Web Apps Server 2013 SP1 Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Details

A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8512

BID: 98816

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft SharePoint Server 2013 SP1 Microsoft Office Web Apps Server 2013 SP1 Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Details

A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8513

BID: 98830

Microsoft Rating: Important

Vulnerability Type

Microsoft PowerPoint Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft PowerPoint 2007 Service Pack 3 Microsoft PowerPoint 2016 for Mac Microsoft PowerPoint for Mac 2011 Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions)

Details

A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8514

BID: 98831

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Reflective XSS Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016

Details

A cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8515

BID: 98833

Microsoft Rating: Important

Vulnerability Type

Windows VAD Cloning Denial of Service Vulnerability
Denial of Service

Vulnerability Affects

Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A denial of service vulnerability exists in Microsoft Windows when an unauthenticated attacker sends a specially crafted kernel mode request. An attacker who successfully exploited this issue could cause a denial of service on the target system, causing the machine to either stop responding or reboot.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8519

BID: 98899

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10

Details

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8521

BID: 98925

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8523

BID: 98928

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

 A security bypass vulnerability exists when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows. An attacker could use this vulnerability to trick a user into loading a page with malicious content.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8529

BID: 98953

Microsoft Rating: Important

Vulnerability Type

Microsoft Browser Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: MSIE CVE-2017-8529

Other Detections

AV: N/A

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8530

BID: 98863

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

A security bypass vulnerability that affects Microsoft Edge.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8531

BID: 98819

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8532

BID: 98820

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8533

BID: 98821

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8534

BID: 98822

Microsoft Rating: Important

Vulnerability Type

Windows Uniscribe Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8544

BID: 98826

Microsoft Rating: Important

Vulnerability Type

Windows Search Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows RT 8.1

Details

An information disclosure vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8545

BID: 98917

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook for Mac Spoofing Vulnerability
Spoofing

Vulnerability Affects

Microsoft Outlook 2016 for Mac

Details

A spoofing vulnerability exists when Microsoft Outlook for Mac does not sanitize html or treat it in a safe manner. An attacker who successfully tricked the user could gain access to the user's authentication information or login credentials.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8547

BID: 98932

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Memory Corruption Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8550

BID: 98916

Microsoft Rating: Important

Vulnerability Type

Skype for Business Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Skype Microsoft Lync 2010

Details

An information disclosure vulnerability that affects Skype for Business.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8551

BID: 98913

Microsoft Rating: Important

Vulnerability Type

SharePoint XSS vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft SharePoint Server 2016

Details

 A privilege escalation vulnerability exists when SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: [SCSPBP1] Generic Windows Interactive Protection

 

ID and Rating

CAN/CVE ID: CVE-2017-8553

BID: 98940

Microsoft Rating: Important

Vulnerability Type

GDI Information Disclosure Vulnerablity
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this issue could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8554

BID: 98942

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1

Details

 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this issue could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8555

BID: 98956

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Security Feature Bypass
Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could use this vulnerability to trick a user into loading a web page with malicious content.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8498

BID: 98886

Microsoft Rating: Moderate

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists in Microsoft Edge that allows JavaScript XML DOM objects to detect installed browser extensions. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a malicious website in an attempt to make a user visit it.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2017-8504

BID: 98892

Microsoft Rating: Low

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

The following entries were added by Microsoft post-release

 

ID and Rating

CAN/CVE ID: CVE-2017-8575

BID: 98956

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Windows 10 for 32-bit Systems             
Windows 10 for x64-based Systems       
Windows 10 Version 1511 for 32-bit Systems        
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems        
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems        
Windows 10 Version 1703 for x64-based Systems
Windows Server 2016                          
Windows Server 2016 (Server Core installation)

Details

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

ID and Rating

CAN/CVE ID: CVE-2017-8576

BID: 99210

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Elevation of Privilege Vulnerability
Elevation of Priviledge

Vulnerability Affects

Windows 10 for 32-bit Systems              
Windows 10 for x64-based Systems        
Windows 10 Version 1511 for 32-bit Systems        
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems        
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems        
Windows 10 Version 1703 for x64-based Systems
Windows Server 2016                              
Windows Server 2016 (Server Core installation)

Details

An Elevation of Privilege vulnerability exists when the Windows Graphics component improperly initializes contents in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2017-8579

BID: 98892

Microsoft Rating: Important

Vulnerability Type

DirectX Elevation of Privilege Vulnerability
Elevation of Priviledge

Vulnerability Affects

Windows 10 for 32-bit Systems            
Windows 10 for x64-based Systems        
Windows 10 Version 1511 for 32-bit Systems        
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems        
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems        
Windows 10 Version 1703 for x64-based Systems
Windows Server 2016                            
Windows Server 2016 (Server Core installation)

Details

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security: N/A