This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
ID and Rating |
CAN/CVE ID: ADV170019 BID: N/A Microsoft Rating: Critical |
Vulnerability Type |
November 2017 Flash Security Updates |
Vulnerability Affects |
See Adobe.com for details |
Details |
See Adobe.com for details |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11836 BID: 101727 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11837 BID: 101722 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2017-11837 Remote Memory Corruption Vulnerability |
Other Detections |
AV: Exp.CVE-2017-11837 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11838 BID: 101737 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11839 BID: 101735 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11840 BID: 101734 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11841 BID: 101733 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11841 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11843 BID: 101740 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft ChakraCore Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2017-11843 Remote Memory Corruption Vulnerability |
Other Detections |
AV: Exp.CVE-2017-11843 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11845 BID: 101708 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11846 BID: 101741 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft ChakraCore Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2017-11846 Remote Memory Corruption Vulnerability |
Other Detections |
AV: Exp.CVE-2017-11846 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11855 BID: 101751 Microsoft Rating: Critical |
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 |
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2017-11855 Remote Memory Corruption Vulnerability |
Other Detections |
AV: Exp.CVE-2017-11855 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11856 BID: 101753 Microsoft Rating: Critical |
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 |
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11856 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11858 BID: 101716 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft ChakraCore Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Details |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Exp.CVE-2017-11858 |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11859 BID: 101720 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11861 BID: 101723 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11861 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11862 BID: 101724 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11866 BID: 101732 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11869 BID: 101742 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11869 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11870 BID: 101731 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11871 BID: 101730 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11873 BID: 101728 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11873 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11768 BID: 101705 Microsoft Rating: Important |
Vulnerability Type |
Windows Media Player Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems |
Details |
An information vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to test for the presence of files on disk. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11770 BID: 101710 Microsoft Rating: Important |
Vulnerability Type |
Asp.NET CORE Denial Of Service Vulnerability |
Vulnerability Affects |
Microsoft ASP.NET Core 1.0 Microsoft ASP.NET Core 1.1 Microsoft ASP.NET Core 2.0 |
Details |
A denial of service vulnerability exists when . NET Core improperly handles web requests. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11788 BID: 101711 Microsoft Rating: Important |
Vulnerability Type |
Windows Search Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems |
Details |
A denial of service vulnerability exists when Windows Search improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11791 BID: 101715 Microsoft Rating: Important |
Vulnerability Type |
Scripting Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft ChakraCore |
Details |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11791 Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11803 BID: 101704 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11827 BID: 101703 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Browser Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer 10 |
Details |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11830 BID: 101714 Microsoft Rating: Important |
Vulnerability Type |
Device Guard Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server Version 1709 |
Details |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11831 BID: 101721 Microsoft Rating: Important |
Vulnerability Type |
Windows Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems |
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11832 BID: 101726 Microsoft Rating: Important |
Vulnerability Type |
Windows EOT Font Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 |
Details |
An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11833 BID: 101706 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11834 BID: 101725 Microsoft Rating: Important |
Vulnerability Type |
Scripting Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 9 Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 |
Details |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11835 BID: 101736 Microsoft Rating: Important |
Vulnerability Type |
Windows EOT Font Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 |
Details |
An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11842 BID: 101719 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems |
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11844 BID: 101707 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11847 BID: 101729 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11849 BID: 101762 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems |
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11850 BID: 101738 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems |
Details |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11851 BID: 101763 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems |
Details |
A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11852 BID: 101739 Microsoft Rating: Important |
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 |
Details |
A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11853 BID: 101764 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems |
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11854 BID: 101746 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Word Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office Compatibility Pack Service Pack 3 |
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2017-11854 Memory Corruption Vulnerability |
Other Detections |
AV: Exp.CVE-2017-11854 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11863 BID: 101748 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11872 BID: 101749 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Edge |
Details |
A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross-Origin Resource Sharing (CORS) redirect restrictions, and to follow redirect requests that should otherwise be ignored. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11874 BID: 101750 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A security feature bypass vulnerability exists in Microsoft Edge as a result of how memory is accessed in code compiled by the Edge Just-In-Time (JIT) compiler that allows Control Flow Guard (CFG) to be bypassed. By itself, this CFG bypass vulnerability does not allow arbitrary code execution. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11877 BID: 101747 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Excel 2007 SP3 Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions |
Details |
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11878 BID: 101756 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Office Compatibility Pack SP3 Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 (64-bit editions) Microsoft Excel 2013 (32-bit editions) Microsoft Excel 2010 SP2 (64-bit editions) Microsoft Excel 2010 SP2 (32-bit editions) Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Excel 2007 SP3 Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) |
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: Exp.CVE-2017-11878 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11879 BID: 101713 Microsoft Rating: Important |
Vulnerability Type |
ASP.NET Core Elevation Of Privilege Vulnerability |
Vulnerability Affects |
Microsoft ASP.NET Core 2.0 |
Details |
An open redirect vulnerability exists in ASP. NET Core that could lead to Elevation of privilege. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11880 BID: 101755 Microsoft Rating: Important |
Vulnerability Type |
Windows Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 |
Details |
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11882 BID: 101757 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) |
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Office CVE-2017-11882 2 |
Other Detections |
AV: Exp.CVE-2017-11882 Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11884 BID: 101766 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Office 2007 SP3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) |
Details |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-11848 BID: 101709 Microsoft Rating: Moderate |
Vulnerability Type |
Internet Explorer Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 |
Details |
An information disclosure vulnerability exists when Internet Explorer improperly handles page content, which could allow an attacker to detect the navigation of the user leaving a maliciously crafted page. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a specially crafted website. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: CVE-2017-11876 BID: 101754 Microsoft Rating: Moderate |
Vulnerability Type |
Microsoft Project Server Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Project Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 |
Details |
An elevation of privilege vulnerability exists in Microsoft Project when Microsoft Project Server does not properly manage user sessions. For this Cross-site Request Forgery(CSRF/XSRF) vulnerability to be exploited, the victim must be authenticated to (logged on) the target site. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: [SCSPBP1] Generic Windows Interactive Protection |
ID and Rating |
CAN/CVE ID: CVE-2017-8700 BID: 101712 Microsoft Rating: Moderate |
Vulnerability Type |
ASP.NET Core Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft ASP.NET Core 1.0 Microsoft ASP.NET Core 1.1 |
Details |
An Information Disclosure vulnerability exists in ASP. net Core that allows bypassing Cross-origin Resource Sharing (CORS) configurations. |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |
ID and Rating |
CAN/CVE ID: ADV170020 BID: N/A Microsoft Rating: None |
Vulnerability Type |
Microsoft Office Defense in Depth Update |
Vulnerability Affects |
Microsoft Office |
Details |
Defense in Depth Update |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: Under review Data Center Security: N/A |