Symantec product detections for Microsoft monthly Security Bulletins - July 2017

book

Article ID: 169780

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: ADV170009

BID:

Microsoft Rating: Critical

Vulnerability Type

July Flash Security Update

Vulnerability Affects

See Adobe homepage

Details

See Adobe homepage

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8463

BID: 99389

Microsoft Rating: Critical

Vulnerability Type

Windows Explorer Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016

Details

A Remote Code Execution vulnerability exists when Windows Explorer improperly handles executable files and shares during rename operations. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8584

BID: 99434

Microsoft Rating: Critical

Vulnerability Type

Hololens Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

Details

A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8589

BID: 99425

Microsoft Rating: Critical

Vulnerability Type

Windows Search Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for Itanium-based Systems SP2

Details

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8591

BID: 99430

Microsoft Rating: Critical

Vulnerability Type

Windows IME Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

Details

A remote code execution vulnerability exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class. The DCOM server is a Windows component installed regardless of which languages/IMEs are enabled.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8594

BID: 99401

Microsoft Rating: Critical

Vulnerability Type

Internet Explorer Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9

Details

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8594

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8595

BID: 99403

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8596

BID: 99405

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8598

BID: 99417

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8598

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8601

BID: 99420

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8601

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8603

BID: 99406

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8604

BID: 99407

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8605

BID: 99388

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: MSEdge CVE-2017-8605

Other Detections

AV: Exp.CVE-2017-8605

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8606

BID: 99408

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8607

BID: 99410

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1511 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1511 for 32-bit Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems Internet Explorer 10 on Windows Server 2012 Microsoft Edge on Windows 10 for 32-bit Systems Microsoft Edge on Windows 10 for x64-based Systems Microsoft Edge on Windows 10 Version 1511 for x64-based Systems Microsoft Edge on Windows 10 Version 1511 for 32-bit Systems Microsoft Edge on Windows Server 2016 Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8608

BID: 99412

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1511 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1511 for 32-bit Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems Internet Explorer 10 on Windows Server 2012 Microsoft Edge on Windows 10 for 32-bit Systems Microsoft Edge on Windows 10 for x64-based Systems Microsoft Edge on Windows 10 Version 1511 for x64-based Systems Microsoft Edge on Windows 10 Version 1511 for 32-bit Systems Microsoft Edge on Windows Server 2016 Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8609

BID: 99418

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way that the JScript and VBScript engines render when handling objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8610

BID: 99415

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8617

BID: 99422

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: MSEdge CVE-2017-8617

Other Detections

AV: Exp.CVE-2017-8617

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8618

BID: 99399

Microsoft Rating: Critical

Vulnerability Type

Internet Explorer Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8618

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8619

BID: 99392

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the Microsoft Edge JavaScript scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8619

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-0243

BID: 98105

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office Web Apps 2010 Service Pack 2 Microsoft Business Productivity Servers 2010 Service Pack 2

Details

A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-0243

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8467

BID: 99409

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1

Details

An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8486

BID: 99414

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists in Microsoft Windows when Win32k fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8495

BID: 99424

Microsoft Rating: Important

Vulnerability Type

Kerberos SNAME Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows RT 8.1

Details

A security feature bypass vulnerability exists in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field during ticket exchange. An attacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8501

BID: 99441

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office for Mac 2011 Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft PowerPoint 2013 RT Service Pack 1 Microsoft Office 2016 for Mac Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office Online Server 2016 Microsoft Outlook 2013 RT Service Pack 1 Microsoft SharePoint Enterprise Server 2013 Microsoft Office Compatibility Pack SP3 Microsoft Excel Services on Microsoft SharePoint Server 2010 Service Pack 1 Microsoft Excel 2007 SP2

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8502

BID: 99442

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2010 SP2 (32-bit editions) Microsoft Excel 2010 SP2 (64-bit editions)

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8503

BID: 99395

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Edge

Details

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8556

BID: 99439

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

Details

An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8557

BID: 99387

Microsoft Rating: Important

Vulnerability Type

Windows System Information Console Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1

Details

An information disclosure vulnerability exists in the Windows System Information Console when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8559

BID: 99448

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Cross-Site Scripting Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Exchange Server 2010 Service Pack 3 Microsoft Exchange Server 2013 Service Pack 1 Microsoft Exchange Server 2013 Cumulative Update 16 Microsoft Exchange Server 2016 Cumulative Update 5

Details

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8560

BID: 99449

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Cross-Site Scripting Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Exchange Server 2010 Service Pack 3 Microsoft Exchange Server 2013 Service Pack 1 Microsoft Exchange Server 2013 Cumulative Update 16 Microsoft Exchange Server 2016 Cumulative Update 5

Details

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8561

BID: 99426

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8562

BID: 99397

Microsoft Rating: Important

Vulnerability Type

Windows ALPC Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8563

BID: 99402

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An elevation of privilege vulnerability exists in Microsoft Windows when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a domain controller.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8564

BID: 99428

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

Details

 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the base address of the kernel driver from a compromised process.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8565

BID: 99394

Microsoft Rating: Important

Vulnerability Type

Windows PowerShell Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8566

BID: 99404

Microsoft Rating: Important

Vulnerability Type

Windows IME Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Details

An elevation of privilege vulnerability exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class. The DCOM server is a Windows component installed regardless of which languages/IMEs are enabled.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8569

BID: 99447

Microsoft Rating: Important

Vulnerability Type

SharePoint Server XSS Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016

Details

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8570

BID: 99445

Microsoft Rating: Important

Vulnerability Type

Office Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions)

Details

 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8573

BID: 99431

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

 An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8574

BID: 99438

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Elevation of Privilege Vulnerability

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8577

BID: 99416

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8578

BID: 99419

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1

Details

An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8580

BID: 99421

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1

Details

An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8581

BID: 99423

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1

Details

 An elevation of privilege vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8582

BID: 99429

Microsoft Rating: Important

Vulnerability Type

Asp.Net Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An Information Disclosure vulnerability exists when the ASP. NET server application component improperly handles objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8585

BID: 99432

Microsoft Rating: Important

Vulnerability Type

.NET Denial of Service Vulnerability
Denial of Service

Vulnerability Affects

Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.6.2

Details

A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8587

BID: 99413

Microsoft Rating: Important

Vulnerability Type

Windows Explorer Denial of Service Vulnerability
Denial of Service

Vulnerability Affects

Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows Server 2012 R2 Windows RT 8.1 Windows Server 2012 R2 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1511 for x64-based Systems Windows 10 Version 1511 for 32-bit Systems

Details

A Denial Of Service vulnerability exists when Windows Explorer attempts to open a non-existent file. An attacker who successfully exploited this vulnerability could cause a denial of service.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8588

BID: 99400

Microsoft Rating: Important

Vulnerability Type

Wordpad Remote Code Execution Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2

Details

A remote code execution vulnerability exists in the way that Microsoft WordPad parses specially crafted files. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft WordPad.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8590

BID: 99427

Microsoft Rating: Important

Vulnerability Type

Windows CLFS Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control of the affected system.

Details

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8592

BID: 99396

Microsoft Rating: Important

Vulnerability Type

Microsoft Browser Security Feature Bypass
Security Feature Bypass

Vulnerability Affects

Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

An security feature bypass vulnerability exists when Microsoft Browsers improperly handle redirect requests. This vulnerability allows Microsoft Browsers to bypass CORS redirect restrictions and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited this vulnerability could force the browser to send data that would otherwise be restricted to a destination web site of their choice.

Intrusion Protection System (IPS) Response

Sig ID: Not Feasible

Other Detections

AV: Exp.CVE-2017-8592

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8599

BID: 99393

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

A security feature bypass vulnerability exists when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows. An attacker could use this vulnerability to trick a user into loading a page with malicious content.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8602

BID: 99390

Microsoft Rating: Important

Vulnerability Type

Microsoft Browser Spoofing Vulnerability
Spoofing

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 11

Details

A spoofing vulnerability exists when an affected Microsoft browser does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-0170

BID: 99398

Microsoft Rating: Moderate

Vulnerability Type

Windows Performance Monitor Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016

Details

An information disclosure vulnerability exists in the Windows Performance Monitor Console when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

 

ID and Rating

CAN/CVE ID: CVE-2017-8611

BID: 99391

Microsoft Rating: Moderate

Vulnerability Type

Microsoft Edge Spoofing Vulnerability
Spoofing

Vulnerability Affects

Microsoft Edge

Details

 A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

The following entries reflect the OOB Security Updates for Microsoft Office released July 27

ID and Rating

CAN/CVE ID: CVE-2017-8571

BID: 

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Outlook Security Feature Bypass Vulnerability
Security Feature bypass

Vulnerability Affects

 

Details

A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8572

BID: 

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Outlook Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

 

Details

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data..

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2017-8663

BID: 

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Outlook Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

 

Details

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security: