This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
|
ID and Rating |
CAN/CVE ID: AV170013 BID: N/A Microsoft Rating: Critical |
|
Vulnerability Type |
September 2017 Flash Security Update |
|
Vulnerability Affects |
See Adobe Bulletin |
|
Details |
See Adobe Bulletin |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-0161 BID: 100728 Microsoft Rating: Critical |
|
Vulnerability Type |
NetBIOS Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain sequencing requirements. To exploit the vulnerability, an attacker needs to be able to send specially crafted NetBT Session Service packets to an impacted system. An attacker who successfully exploits the vulnerability could execute arbitrary code on the target. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-11764 BID: 100726 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-11766 BID: 100729 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8649 BID: 100754 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8660 BID: 100757 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8676 BID: 100755 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows GDI+ Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Live Meeting 2007 Add-in |
|
Details |
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8682 BID: 100772 Microsoft Rating: Critical |
|
Vulnerability Type |
Win32k Graphics Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2007 Service Pack 3 |
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8686 BID: 100730 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows DHCP Server Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows Server 2012 |
|
Details |
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8728 BID: 100739 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft PDF Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2017-8728 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8729 BID: 100733 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8731 BID: 100735 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8734 BID: 100738 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Exp.CVE-2017-8734 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8737 BID: 100749 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft PDF Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Exp.CVE-2017-8737 Data Center Security: N/A |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8738 BID: 100759 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2017-8738 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8740 BID: 100763 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8741 BID: 100764 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Internet Explorer 9 |
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8747 BID: 100765 Microsoft Rating: Critical |
|
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
|
Vulnerability Affects |
Internet Explorer 10 |
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Exp.CVE-2017-8747 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8748 BID: 100766 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Internet Explorer 11 |
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8749 BID: 100770 Microsoft Rating: Critical |
|
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
|
Vulnerability Affects |
Internet Explorer 10 |
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2017-8749 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8750 BID: 100771 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Browser Memory Corruption Vulnerability |
|
Vulnerability Affects |
Internet Explorer 11 |
|
Details |
A remote code execution vulnerability exists when Microsoft browsers improperly access objects in memory. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8751 BID: 100774 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8752 BID: 100775 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8753 BID: 100776 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2017-8753 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8755 BID: 100778 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8756 BID: 100718 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8757 BID: 100721 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists in the way Microsoft Edge handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Exp.CVE-2017-8757 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-11761 BID: 100731 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Exchange Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Exchange Server 2013 Cumulative Update 16 |
|
Details |
An input sanitization issue exists with Microsoft Exchange that could potentially result in unintended Information Disclosure. An attacker who successfully exploited the vulnerability could identify the existence of RFC1918 addresses on the local network from a client on the Internet. An attacker could use this internal host information as part of a larger attack. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8567 BID: 100719 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Remote Code Execution |
|
Vulnerability Affects |
Microsoft Excel for Mac 2011 |
|
Details |
A vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8597 BID: 100745 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
An information disclosure vulnerability exists when Microsoft Edge does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8628 BID: 100744 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Bluetooth Driver Spoofing Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems |
|
Details |
A spoofing vulnerability exists in Microsoft's implementation of the Bluetooth stack. An attacker who successfully exploited this vulnerability could perform a man-in-the-middle attack and force a user's computer to unknowingly route traffic through the attacker's computer. The attacker can then monitor and read the traffic before sending it on to the intended recipient. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8629 BID: 100725 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft SharePoint XSS Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Server 2013 Service Pack 1 |
|
Details |
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8630 BID: 100732 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2016 (32-bit edition) |
|
Details |
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8631 BID: 100751 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
|
Vulnerability Affects |
Excel Services |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8632 BID: 100734 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Office Compatibility Pack Service Pack 3 |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8643 BID: 100747 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
An information disclosure vulnerability exists when Microsoft Edge improperly handles clipboard events. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8648 BID: 100750 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8675 BID: 100752 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8677 BID: 100767 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8678 BID: 100769 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8679 BID: 100720 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8680 BID: 100722 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 7 for 32-bit Systems Service Pack 1 |
|
Details |
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8681 BID: 100727 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8683 BID: 100781 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Graphics Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8684 BID: 100782 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI+ Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 7 for 32-bit Systems Service Pack 1 |
|
Details |
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8685 BID: 100724 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI+ Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 7 for 32-bit Systems Service Pack 1 |
|
Details |
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8687 BID: 100736 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An Information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8688 BID: 100756 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI+ Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface+ (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8692 BID: 100762 Microsoft Rating: Important |
|
Vulnerability Type |
Uniscribe Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8695 BID: 100773 Microsoft Rating: Important |
|
Vulnerability Type |
Graphics Component Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Live Meeting 2007 Add-in |
|
Details |
An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8696 BID: 100780 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Graphics Component Remote Code Execution |
|
Vulnerability Affects |
Microsoft Live Meeting 2007 Add-in |
|
Details |
A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8699 BID: 100783 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Shell Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
A remote code execution vulnerability exists when Windows Shell does not properly validate file copy destinations. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8702 BID: 100785 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8704 BID: 100787 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Denial of Service Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for x64-based Systems |
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8706 BID: 100789 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8707 BID: 100790 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8708 BID: 100791 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8709 BID: 100792 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8710 BID: 100793 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 7 for 32-bit Systems Service Pack 1 |
|
Details |
An information disclosure vulnerability exists in the Microsoft Common Console Document (.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8711 BID: 100794 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8712 BID: 100795 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8713 BID: 100796 Microsoft Rating: Important |
|
Vulnerability Type |
Hyper-V Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8714 BID: 100797 Microsoft Rating: Important |
|
Vulnerability Type |
Remote Desktop Virtual Host Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for x64-based Systems |
|
Details |
A remote code execution vulnerability exists in the VM Host Agent Service of Remote Desktop Virtual Host role when it fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could issue a specially crafted certificate on the guest operating system that could cause the VM host agent service on the host operating system to execute arbitrary code. The Remote Desktop Virtual Host role is not enabled by default. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8716 BID: 100802 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
A security feature bypass vulnerability exists when Windows Control Flow Guard mishandles objects in memory. |
|
Details |
Windows 10 Version 1703 for 32-bit Systems |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8719 BID: 100803 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8720 BID: 100804 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1511 for 32-bit Systems |
|
Details |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8724 BID: 100777 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Spoofing Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8725 BID: 100758 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Publisher Remote Code Execution |
|
Vulnerability Affects |
Microsoft Publisher 2007 Service Pack 3 |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8733 BID: 100737 Microsoft Rating: Important |
|
Vulnerability Type |
Internet Explorer Spoofing Vulnerability |
|
Vulnerability Affects |
Internet Explorer 9 |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8736 BID: 100743 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Browser Information Disclosure Vulnerability |
|
Vulnerability Affects |
Internet Explorer 11 |
|
Details |
An information disclosure vulnerability exists in Microsoft browsers due to improper parent domain verification in certain functionality. An attacker who successfully exploited the vulnerability could obtain specific information that is used in the parent domain. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8739 BID: 100761 Microsoft Rating: Important |
|
Vulnerability Type |
Scripting Engine Information Disclosure Vulnerability |
|
Vulnerability Affects |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
|
Details |
Microsoft Edge |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review
|
|
ID and Rating |
CAN/CVE ID: CVE-2017-8742 BID: 100741 Microsoft Rating: Important |
|
Vulnerability Type |
PowerPoint Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office Compatibility Pack Service Pack 3 |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8743 BID: 100746 Microsoft Rating: Important |
|
Vulnerability Type |
PowerPoint Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft PowerPoint 2016 (32-bit edition) |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8744 BID: 100748 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2007 Service Pack 3 |
|
Details |
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8745 BID: 100753 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft SharePoint Cross Site Scripting Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 Service Pack 1 |
|
Details |
A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8746 BID: 100760 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for 32-bit Systems |
|
Details |
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8754 BID: 100779 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A security feature bypass exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8758 BID: 100723 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Exchange Cross-Site Scripting Vulnerability |
|
Vulnerability Affects |
Microsoft Exchange Server 2016 Cumulative Update 6 |
|
Details |
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8759 BID: 100742 Microsoft Rating: Important |
|
Vulnerability Type |
.NET Framework Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft .NET Framework 2.0 Service Pack 2 Windows 7 for x64-based Systems Service Pack 1
|
|
Details |
A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker who successfully exploited this vulnerability in software using the .NET framework could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Attack: WSDL Soap CVE-2017-8759 |
|
Other Detections |
AV: Exp.CVE-2017-8759 Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-9417 BID: 99482 Microsoft Rating: Important |
|
Vulnerability Type |
Broadcom BCM43xx Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Windows 10 Version 1607 for 32-bit Systems |
|
Details |
A remote code execution vulnerability exists when the Broadcom chipset in HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8723 BID: 100768 Microsoft Rating: Moderate |
|
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A security feature bypass exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: CVE-2017-8735 BID: 100740 Microsoft Rating: Moderate |
|
Vulnerability Type |
Microsoft Edge Spoofing Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |
|
ID and Rating |
CAN/CVE ID: AV170015 BID: N/A Microsoft Rating: None |
|
Vulnerability Type |
Microsoft Office Defense in Depth Update |
|
Vulnerability Affects |
Microsoft Office 2007 Service Pack 3 |
|
Details |
N/A |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: Under review |