ID CVE-2017-0025 Type cve Reporter cve@mitre.org Modified 2019-10-03T00:03:00
Description
The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0005, and CVE-2017-0047.
{"id": "CVE-2017-0025", "bulletinFamily": "NVD", "title": "CVE-2017-0025", "description": "The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\" This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0005, and CVE-2017-0047.", "published": "2017-03-17T00:59:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0025", "reporter": "cve@mitre.org", "references": ["http://www.securitytracker.com/id/1038002", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0025", "http://www.securityfocus.com/bid/96626"], "cvelist": ["CVE-2017-0025"], "type": "cve", "lastseen": "2021-02-02T06:36:30", "edition": 5, "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-96626"]}, {"type": "mscve", "idList": ["MS:CVE-2017-0025"]}, {"type": "mskb", "idList": ["KB4013075"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310810811"]}, {"type": "nessus", "idList": ["SMB_NT_MS17-013.NASL"]}, {"type": "kaspersky", "idList": ["KLA11902", "KLA10979"]}], "modified": "2021-02-02T06:36:30", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2021-02-02T06:36:30", "rev": 2}, "vulnersScore": 6.5}, "cpe": ["cpe:/o:microsoft:windows_rt_8.1:*", "cpe:/o:microsoft:windows_server_2016:*", "cpe:/o:microsoft:windows_vista:*", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_7:*"], "affectedSoftware": [{"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1607"}, {"cpeName": "microsoft:windows_server_2008", "name": "microsoft windows server 2008", "operator": "eq", "version": "r2"}, {"cpeName": "microsoft:windows_7", "name": "microsoft windows 7", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_8.1", "name": "microsoft windows 8.1", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_server_2012", "name": "microsoft windows server 2012", "operator": "eq", "version": "r2"}, {"cpeName": "microsoft:windows_vista", "name": "microsoft windows vista", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_server_2012", "name": "microsoft windows server 2012", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_rt_8.1", "name": "microsoft windows rt 8.1", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_server_2008", "name": "microsoft windows server 2008", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1511"}, {"cpeName": "microsoft:windows_server_2016", "name": "microsoft windows server 2016", "operator": "eq", "version": "*"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "1038002", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1038002"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0025", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0025"}, {"name": "96626", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96626"}], "immutableFields": []}
{"symantec": [{"lastseen": "2018-03-14T22:40:43", "bulletinFamily": "software", "cvelist": ["CVE-2017-0025"], "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for 64-bit Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 for x64-based Systems \n * Microsoft Windows Vista Service Pack 2 \n * Microsoft Windows Vista x64 Edition Service Pack 2 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2017-03-14T00:00:00", "published": "2017-03-14T00:00:00", "id": "SMNTC-96626", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/96626", "type": "symantec", "title": "Microsoft Windows Graphics CVE-2017-0025 Local Privilege Escalation Vulnerability", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mscve": [{"lastseen": "2021-03-18T19:18:49", "bulletinFamily": "microsoft", "cvelist": ["CVE-2017-0025"], "description": "An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\n\nThe update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation.\n", "modified": "2017-03-14T07:00:00", "published": "2017-03-14T07:00:00", "id": "MS:CVE-2017-0025", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-0025", "type": "mscve", "title": "Windows GDI Elevation of Privilege Vulnerability", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2021-01-01T22:51:28", "bulletinFamily": "microsoft", "cvelist": ["CVE-2017-0001", "CVE-2017-0073", "CVE-2017-0060", "CVE-2017-0025", "CVE-2017-0047", "CVE-2017-0061", "CVE-2017-0014", "CVE-2017-0063", "CVE-2017-0005", "CVE-2017-0038", "CVE-2017-0108", "CVE-2017-0062"], "description": "<html><body><p>Resolves vulnerabilities in the Microsoft Graphics Component on Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync.</p><h2>Summary</h2><p>This security update resolves <span>vulnerabilities </span> in the Microsoft Graphics Component on <span>Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync</span>. These <span>vulnerabilities</span> could allow <span>remote code execution if a user either visits a specially crafted website or opens a specially crafted document</span>. To learn more about the vulnerability, see <a href=\"https://technet.microsoft.com/library/security/MS17-013\" managed-link=\"\">Microsoft Security Bulletin MS17-013</a>.</p><h2>Additional information about this security update</h2><p>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</p><h3>Microsoft Windows</h3><ul><li><span><a data-content-id=\"4017018\" data-content-type=\"article\" href=\"\" managed-link=\"\">4017018</a> Security update for Microsoft Graphics Component: April 11, 2017</span></li><li><span><a data-content-id=\"4012584\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012584</a> MS17-013: Description of the security update for Microsoft Graphics Component: March 14, 2017</span></li><li><span><a data-content-id=\"4012497\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012497</a> MS17-018 and MS17-013: Description of the security update for Windows Kernel-Mode Drivers and for Microsoft Graphics Component: March 14, 2017</span></li><li><span><a data-content-id=\"4012212\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012212</a> March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1</span></li><li><span><a data-content-id=\"4012215\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012215</a> March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1</span></li><li><span><a data-content-id=\"4012213\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012213</a> March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2</span></li><li><span><a data-content-id=\"4012216\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012216</a> March 2017 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2</span></li><li><span><a data-content-id=\"4012214\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012214</a> March 2017 Security Only Quality Update for Windows Server 2012</span></li><li><span><a data-content-id=\"4012217\" data-content-type=\"article\" href=\"\" managed-link=\"\">4012217</a> March 2017 Security Monthly Quality Rollup for Windows Server 2012</span></li><li><a data-content-id=\"4012606\" data-content-type=\"article\" href=\"\" managed-link=\"\"><span>4012606</span></a><span> March 14, 2017\u2014KB4012606 (OS Build 17312)</span></li><li><a data-content-id=\"4013198\" data-content-type=\"article\" href=\"\" managed-link=\"\"><span>4013198</span></a><span> March 14, 2017\u2014KB4013198 (OS Build 830)</span></li><li><a data-content-id=\"4013429\" data-content-type=\"article\" href=\"\" managed-link=\"\"><span>4013429</span></a><span> March 13, 2017\u2014KB4013429 (OS Build 933)</span></li></ul><h3>Microsoft Office</h3><ul><li><span><a data-content-id=\"3127945\" data-content-type=\"article\" href=\"\" managed-link=\"\">3127945</a> MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017</span></li><li><span><a data-content-id=\"3141535\" data-content-type=\"article\" href=\"\" managed-link=\"\">3141535</a> MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017</span></li><li><span><a data-content-id=\"3127958\" data-content-type=\"article\" href=\"\" managed-link=\"\">3127958</a> MS17-013: Description of the security update for Office 2010: March 14, 2017</span></li><li><span><a data-content-id=\"3178688\" data-content-type=\"article\" href=\"\" managed-link=\"\">3178688</a> MS17-013: Description of the security update for Office 2010: March 14, 2017</span></li><li><p><span><a data-content-id=\"3178693\" data-content-type=\"article\" href=\"\" managed-link=\"\">3178693</a> MS17-013: Description of the security update for Word Viewer: March 14, 2017</span></p></li><li><p><a data-content-id=\"3178653\" data-content-type=\"article\" href=\"\" managed-link=\"\">3178653</a> MS17-013: Description of the security update for Word Viewer: March 14, 2017</p></li></ul><h3>Microsoft Communications Platforms and Software</h3><ul><li><span><span class=\"rangySelectionBoundary\" id=\"selectionBoundary_1488465606268_23836768258523966\">\ufeff</span><span class=\"rangySelectionBoundary\" id=\"selectionBoundary_1488465616136_8587837880022898\">\ufeff</span><a bookmark-id=\"\" data-content-id=\"4010299\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">4010299</a><span class=\"rangySelectionBoundary\" id=\"selectionBoundary_1488465616135_20135987119110604\">\ufeff</span><span class=\"rangySelectionBoundary\" id=\"selectionBoundary_1488465606265_4522627963893642\">\ufeff</span> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010: March 14, 2017</span></li><li><span><a bookmark-id=\"\" data-content-id=\"4010300\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">4010300</a> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010 Attendee\u00a0(user level install): March 14, 2017</span></li><li><span><a bookmark-id=\"\" data-content-id=\"4010301\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">4010301</a> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010 Attendee\u00a0(admin level install): March 14, 2017</span></li><li><span><a bookmark-id=\"\" data-content-id=\"4010303\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">4010303</a> MS17-013: Description of the security update for Microsoft Graphics Component on Live Meeting 2007 Console: March 14, 2017</span></li><li><a data-content-id=\"4010304\" data-content-type=\"article\" href=\"\" managed-link=\"\">4010304</a> MS17-013: Description of the security update for Microsoft Graphics Component on Live Meeting Add-in: March 14, 2017</li><li><a data-content-id=\"3172539\" data-content-type=\"article\" href=\"\" managed-link=\"\">3172539</a> MS17-013: Description of the security update for Lync 2013 (Skype for Business): March 14, 2017</li><li><a data-content-id=\"3178656\" data-content-type=\"article\" href=\"\" managed-link=\"\">3178656</a> MS17-013: Description of the security update for Skype for Business 2016: March 14, 2017</li></ul><h3><span>Microsoft Developer Tools and Software</span></h3><ul><li><span><a data-content-id=\"4013867\" data-content-type=\"article\" href=\"\" managed-link=\"\">4013867</a> MS17-013: Description of the security update for Microsoft Graphics Component on Microsoft Silverlight 5: March 14, 2017</span></li></ul><h2>Security update deployment information</h2><h3><strong>Windows Vista (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"26%\"><p><strong>Security update file names</strong></p></td><td width=\"73%\"><p>For all supported 32-bit editions of Windows Vista:<br/><strong>Windows6.0-KB4017018-x86.msu<br/>Windows6.0-KB4012584-x86.msu<br/>Windows6.0-KB4012497-x86.msu</strong></p></td></tr><tr><td width=\"26%\"><p>\u00a0</p></td><td width=\"73%\"><p>For all supported x64-based editions of Windows Vista:<br/><strong>Windows6.0-KB4017018-x64.msu<br/>Windows6.0-KB4012584-x64.msu<br/>Windows6.0-KB4012497-x64.msu</strong></p></td></tr><tr><td width=\"26%\"><p><strong>Installation switches</strong></p></td><td width=\"73%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"26%\"><p><strong>Restart requirement</strong></p></td><td width=\"73%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"26%\"><p><strong>Removal information</strong></p></td><td width=\"73%\"><ol start=\"10\"><li value=\"3307\">does not support uninstall of updates. To uninstall an update installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under \"Windows Update,\" click <strong>View installed updates</strong> and select from the list of updates.</li></ol></td></tr><tr><td width=\"26%\"><p><strong>File information</strong></p></td><td width=\"73%\"><p>See <a href=\"https://support.microsoft.com/kb/4017018\"><u>Microsoft Knowledge Base article 4017018</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012584\"><u>Microsoft Knowledge Base article 4012584</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012497\"><u>Microsoft Knowledge Base article 4012497</u></a></p></td></tr><tr><td width=\"26%\"><p><strong>Registry key verification</strong></p></td><td width=\"73%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><p>\u00a0</p><h3><strong>Windows Server 2008 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"26%\"><p><strong>Security update file names</strong></p></td><td width=\"73%\"><p>For all supported 32-bit editions of Windows Server 2008:<br/><strong>Windows6.0-KB4017018-x86.msu<br/>Windows6.0-KB4012584-x86.msu<br/>Windows6.0-KB4012497-x86.msu</strong></p></td></tr><tr><td width=\"26%\"><p>\u00a0</p></td><td width=\"73%\"><p>For all supported x64-based editions of Windows Server 2008:<br/><strong>Windows6.0-KB4017018-x64.msu<br/>Windows6.0-KB4012584-x64.msu<br/>Windows6.0-KB4012497-x64.msu</strong></p></td></tr><tr><td width=\"26%\"><p>\u00a0</p></td><td width=\"73%\"><p>For all supported Itanium-based editions of Windows Server 2008<br/><strong>Windows6.0-KB4017018-ia64.msu<br/>Windows6.0-KB4012584-ia64.msu<br/>Windows6.0-KB4012497-ia64.msu</strong></p></td></tr><tr><td width=\"26%\"><p><strong>Installation switches</strong></p></td><td width=\"73%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"26%\"><p><strong>Restart requirement</strong></p></td><td width=\"73%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"26%\"><p><strong>Removal information</strong></p></td><td width=\"73%\"><p>WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under \"Windows Update,\" click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"26%\"><p><strong>File information</strong></p></td><td width=\"73%\"><p>See <a href=\"https://support.microsoft.com/kb/4017018\"><u>Microsoft Knowledge Base article 4017018</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012584\"><u>Microsoft Knowledge Base article 4012584</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012497\"><u>Microsoft Knowledge Base article 4012497</u></a></p></td></tr><tr><td width=\"26%\"><p><strong>Registry key verification</strong></p></td><td width=\"73%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows 7 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"29%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 7:<br/><strong>indows6.1-KB4012212-x64.msu</strong><br/>Security only</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 7:<br/><strong>Windows6.1-KB4012215-x64.msu</strong><br/>Monthly rollup</p></td></tr><tr><td width=\"29%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a><u> </u></p></td></tr><tr><td width=\"29%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"29%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall </strong>setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then under \"Windows Update,\" click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"29%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/4012212\"><u>Microsoft Knowledge Base article 4012212</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012215\"><u>Microsoft Knowledge Base article 4012215</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows Server 2008 R2 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"29%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows Server 2008 R2:<br/><strong>Windows6.1-KB4012212-x64.msu</strong><br/>Security only</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows Server 2008 R2:<br/><strong>Windows6.1-KB4012215-x64.msu</strong><br/>Monthly rollup</p></td></tr><tr><td width=\"29%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"29%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then under \"Windows Update,\" click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"29%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/4012212\"><u>Microsoft Knowledge Base article 4012212</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012215\"><u>Microsoft Knowledge Base article 4012215</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows 8.1 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"29%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 8.1:<br/><strong>Windows8.1-KB4012213-x64.msu</strong><br/>Security only</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 8.1:<br/><strong>Windows8.1-KB4012216-x64.msu</strong><br/>Monthly rollup</p></td></tr><tr><td width=\"29%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"29%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under \"See also,\" click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"29%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/4012213\"><u>Microsoft Knowledge Base article 4012213</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012216\"><u>Microsoft Knowledge Base article 4012216</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows RT 8.1 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"29%\"><p><strong>Deployment</strong></p></td><td width=\"71%\"><p>The 4012216 monthly rollup update is available via <a href=\"http://go.microsoft.com/fwlink/?LinkId=21130\"><u>Windows Update</u></a> only.</p></td></tr><tr><td width=\"29%\"><p><strong>Restart requirement</strong></p></td><td width=\"71%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"29%\"><p><strong>Removal information</strong></p></td><td width=\"71%\"><p>Click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under \"See also,\" click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"29%\"><p><strong>File information</strong></p></td><td width=\"71%\"><p>See <a href=\"https://support.microsoft.com/kb/4012213\"><u>Microsoft Knowledge Base article 4012213</u></a></p></td></tr></tbody></table><h3><strong>Windows Server 2012 and Windows Server 2012 R2 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"29%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported editions of Windows Server 2012:<br/><strong>Windows8-RT-KB4012214-x64.msu</strong><br/>Security only</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported editions of Windows Server 2012:<br/><strong>Windows8-RT-KB4012217-x64.msu</strong><br/>Monthly rollup</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported editions of Windows Server 2012 R2:<br/><strong>Windows8.1-KB4012213-x64.msu</strong><br/>Security only</p></td></tr><tr><td width=\"29%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported editions of Windows Server 2012 R2:<br/><strong>Windows8.1-KB4012216-x64.msu</strong><br/>Monthly rollup</p></td></tr><tr><td width=\"29%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"29%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under \"See also,\" click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"29%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/4012214\"><u>Microsoft Knowledge Base article 4012214</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012217\"><u>Microsoft Knowledge Base article 4012217</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012213\"><u>Microsoft Knowledge Base article 4012213</u></a><br/>See <a href=\"https://support.microsoft.com/kb/4012216\"><u>Microsoft Knowledge Base article 4012216</u></a></p></td></tr><tr><td width=\"29%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows 10 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"30%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 10:<br/><strong>Windows10.0-KB4012606-x64.msu</strong></p></td></tr><tr><td width=\"30%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 10 Version 1511:<br/><strong>Windows10.0-KB4013198-x64.msu</strong></p></td></tr><tr><td width=\"30%\"><p>\u00a0</p></td><td width=\"70%\"><p>For all supported x64-based editions of Windows 10 Version 1607:<br/><strong>Windows10.0-KB4013429-x64.msu</strong></p></td></tr><tr><td width=\"30%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"30%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"30%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under \"See also,\" click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"30%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/en-sg/help/12387/windows-10-update-history\" target=\"_self\"><u>Windows 10 and Windows Server 2016 update history</u></a>.</p></td></tr><tr><td width=\"30%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Windows Server 2016 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"30%\"><p><strong>Security update file name</strong></p></td><td width=\"70%\"><p>For all supported editions of Windows Server 2016:<br/><strong>Windows10.0-KB4013429-x64.msu</strong></p></td></tr><tr><td width=\"30%\"><p><strong>Installation switches</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/kb/934307\"><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=\"30%\"><p><strong>Restart requirement</strong></p></td><td width=\"70%\"><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=\"30%\"><p><strong>Removal information</strong></p></td><td width=\"70%\"><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under \"See also,\" click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=\"30%\"><p><strong>File information</strong></p></td><td width=\"70%\"><p>See <a href=\"https://support.microsoft.com/en-sg/help/12387/windows-10-update-history\" target=\"_self\"><u>Windows 10 and Windows Server 2016 update history</u></a>.</p></td></tr><tr><td width=\"30%\"><p><strong>Registry key verification</strong></p></td><td width=\"70%\"><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p>\u00a0</p><p>\u00a0</p><h3><strong>Microsoft Office 2007 (all editions) and Other Software</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"182\"><p><strong>Security update file name</strong></p></td><td width=\"335\"><p><span>For Microsoft Office 2007 Service Pack 3:<br/><strong>ogl2007-kb3127945-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=\"182\"><p>\u00a0</p></td><td width=\"335\"><p><span>For Microsoft Office 2007 Service Pack 3:<br/><strong>usp102007-kb3141535-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=\"182\"><p>\u00a0</p></td><td width=\"335\"><p>For Microsoft Word Viewer:<br/><strong>office2003-kb3178693-fullfile-enu.exe</strong></p></td></tr><tr><td width=\"182\"><p>\u00a0</p></td><td width=\"335\"><p>For Microsoft Word Viewer:<br/><strong>office2003-kb3178653-fullfile-enu.exe</strong></p></td></tr><tr><td width=\"182\"><p><strong>Installation switches</strong></p></td><td width=\"335\"><p>See <a href=\"https://support.microsoft.com/kb/912203\"><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=\"182\"><p><strong>Restart requirement</strong></p></td><td width=\"335\"><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br/><br/>To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=\"https://support.microsoft.com/kb/887012\"><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=\"182\"><p><strong>Removal information</strong></p></td><td width=\"335\"><p>Use the <strong>Add or Remove Programs</strong> item in <strong>Control Panel</strong>.</p></td></tr><tr><td width=\"182\"><p><strong>File information</strong></p></td><td width=\"335\"><p>See <a href=\"https://support.microsoft.com/kb/3127945\"><u>Microsoft Knowledge Base article 3127945</u></a><br/>See <a href=\"https://support.microsoft.com/kb/3141535\"><u>Microsoft Knowledge Base article 3141535</u></a><br/>See <a href=\"https://support.microsoft.com/kb/3178693\"><u>Microsoft Knowledge Base article 3178693</u></a><br/>See <a href=\"https://support.microsoft.com/kb/3178653\"><u>Microsoft Knowledge Base article 3178653</u></a></p></td></tr><tr><td width=\"182\"><p><strong>Registry key verification</strong></p></td><td width=\"335\"><p>Not applicable</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Microsoft Office 2010 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"184\"><p><strong>Security update file name</strong></p></td><td width=\"333\"><p><span>For Microsoft Office 2010 Service Pack 2 (32-bit editions):<br/><strong>ogl2010-kb3127958-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=\"184\"><p>\u00a0</p></td><td width=\"333\"><p><span>For Microsoft Office 2010 Service Pack 2 (64-bit editions):<br/><strong>ogl2010-kb3127958-fullfile-x64-glb.exe</strong></span></p></td></tr><tr><td width=\"184\"><p>\u00a0</p></td><td width=\"333\"><p><span>For Microsoft Office 2010 Service Pack 2 (32-bit editions):<br/><strong>usp102010-kb3178688-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=\"184\"><p>\u00a0</p></td><td width=\"333\"><p><span>For Microsoft Office 2010 Service Pack 2 (64-bit editions):<br/><strong>usp102010-kb3178688-fullfile-x64-glb.exe</strong></span></p></td></tr><tr><td width=\"184\"><p><strong>Installation switches</strong></p></td><td width=\"333\"><p>See <a href=\"https://support.microsoft.com/kb/912203\"><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=\"184\"><p><strong>Restart requirement </strong></p></td><td width=\"333\"><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br/><br/>To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=\"https://support.microsoft.com/kb/887012\"><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=\"184\"><p><strong>Removal information</strong></p></td><td width=\"333\"><p>Use the <strong>Add or Remove Programs</strong> item in <strong>Control Panel</strong>.</p></td></tr><tr><td width=\"184\"><p><strong>File information</strong></p></td><td width=\"333\"><p>See <a href=\"https://support.microsoft.com/kb/3127958\"><u>Microsoft Knowledge Base article 3127958</u></a><br/>See <a href=\"https://support.microsoft.com/kb/3178688\"><u>Microsoft Knowledge Base article 3178688</u></a></p></td></tr><tr><td width=\"184\"><p><strong>Registry key verification</strong></p></td><td width=\"333\"><p>Not applicable</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Microsoft Live Meeting 2007, Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), and Microsoft Lync Basic 2013 (Skype for Business Basic) </strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"25%\"><p><strong>Security update file name</strong></p></td><td width=\"74%\"><p>For Microsoft Live Meeting 2007 Console (4010303):<br/><strong>LMSetup.exe</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Live Meeting 2007 Add-in (4010304)<br/><strong>ConfAddins_Setup.exe</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 (32-bit) (4010299):<br/><strong>lync.msp</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 (64-bit) (4010299):<br/><strong>lync.msp</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (user level install) (4010300):<br/><strong>AttendeeUser.msp</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (admin level install) (4010301):<br/><strong>AttendeeAdmin.msp</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For all supported editions of Microsoft Lync 2013 (Skype for Business) (32-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (32-bit):<br/><strong>lync2013-kb3172539-fullfile-x86-glb.exe</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For all supported editions of Microsoft Lync 2013 (Skype for Business) (64-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (64-bit):<br/><strong>lync2013-kb3172539-fullfile-x64-glb.exe</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For all supported 32-bit editions of Skype for Business 2016 and Skype for Business Basic 2016:<br/><strong>lync2016-kb3178656-fullfile-x86-glb.exe</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For all supported 64-bit editions of Skype for Business Basic 2016:<br/><strong>lync2016-kb3178656-fullfile-x64-glb.exe</strong></p></td></tr><tr><td width=\"25%\"><p><strong>Installation switches</strong></p></td><td width=\"74%\"><p>See <a href=\"http://support.microsoft.com/kb/912203\"><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=\"25%\"><p><strong>Restart requirement</strong></p></td><td width=\"74%\"><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br/><br/>To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=\"http://support.microsoft.com/kb/887012\"><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=\"25%\"><p><strong>Removal information</strong></p></td><td width=\"74%\"><p>Use the <strong>Add or Remove Programs</strong> item in Control Panel.</p></td></tr><tr><td width=\"25%\"><p><strong>File information</strong></p></td><td width=\"74%\"><p>For Microsoft Live Meeting 2007 Console:<br/>See <a href=\"http://support.microsoft.com/kb/4010303\"><u>Microsoft Knowledge Base article 4010303</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Live Meeting 2007 Add-In:<br/>See <a href=\"http://support.microsoft.com/kb/4010304\"><u>Microsoft Knowledge Base article 4010304</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For all supported editions of Microsoft Lync 2010:<br/>See <a href=\"http://support.microsoft.com/kb/4010299\"><u>Microsoft Knowledge Base article 4010299</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (user level install):<br/>See <a href=\"http://support.microsoft.com/kb/4010300\"><u>Microsoft Knowledge Base article 4010300</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (admin level install):<br/>See <a href=\"http://support.microsoft.com/kb/4010301\"><u>Microsoft Knowledge Base article 4010301</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic):<br/>See <a href=\"http://support.microsoft.com/kb/3172539\"><u>Microsoft Knowledge Base article 3172539</u></a></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Skype for Business 2016 and Skype for Business Basic 2016:<br/>See <a href=\"http://support.microsoft.com/kb/3178656\"><u>Microsoft Knowledge Base article 3178656</u></a></p></td></tr><tr><td width=\"25%\"><p><strong>Registry key verification</strong></p></td><td width=\"74%\"><p>For Microsoft Live Meeting 2007 Console:<br/>Not applicable</p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 (32-bit):<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br/>Version = <strong>7577.4525</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 (64-bit):<br/>HKEY_LOCAL_MACHINE\\ SOFTWARE\\Wow6432Node\\Microsoft\\Active Setup\\Installed Components\\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br/>Version = <strong>7577. 4525</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (user level install):<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br/>Version = <strong>7577. 4525</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2010 Attendee (admin level install):<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\94E53390F8C13794999249B19E6CFE33\\InstallProperties\\DisplayVersion = <strong>4.0.7577. 4525</strong></p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):<br/>Not applicable</p></td></tr><tr><td width=\"25%\"><p>\u00a0</p></td><td width=\"74%\"><p>For Skype for Business 2016 and Skype for Business Basic 2016:<br/>Not applicable</p></td></tr></tbody></table><p>\u00a0</p><h3><strong>Silverlight 5 for Windows (all supported releases)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table class=\"table\"><tbody><tr><td width=\"17%\"><p><strong>Security update file names</strong></p></td><td width=\"82%\"><p>For Microsoft Silverlight 5 when installed on all supported 32-bit releases of Microsoft Windows:<br/><strong>silverlight.exe</strong></p></td></tr><tr><td width=\"17%\"><p>\u00a0</p></td><td width=\"82%\"><p>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 32-bit releases of Microsoft Windows:<br/><strong>silverlight_developer.exe</strong></p></td></tr><tr><td width=\"17%\"><p>\u00a0</p></td><td width=\"82%\"><p>For Microsoft Silverlight 5 when installed on all supported 64-bit releases of Microsoft Windows:<br/><strong>silverlight_x64.exe</strong></p></td></tr><tr><td width=\"17%\"><p>\u00a0</p></td><td width=\"82%\"><p>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 64-bit releases of Microsoft Windows:<br/><strong>silverlight_developer_x64.exe</strong></p></td></tr><tr><td width=\"17%\"><p><strong>Installation switches</strong></p></td><td width=\"82%\"><p>See the <a href=\"http://download.microsoft.com/download/C/D/5/CD5AAAE3-21F7-47A8-B7D5-39E36BAF9AC8/Silverlight_Deployment_Guide.docx\"><u>Silverlight Enterprise Deployment Guide</u></a></p></td></tr><tr><td width=\"17%\"><p><strong>Restart requirement</strong></p></td><td width=\"82%\"><p>This update does not require a restart.</p></td></tr><tr><td width=\"17%\"><p><strong>Removal information</strong></p></td><td width=\"82%\"><p>Use <strong>Add or Remove Programs</strong> item in Control Panel. (Note that the update cannot be removed without removing Silverlight.)</p></td></tr><tr><td width=\"17%\"><p><strong>File information</strong></p></td><td width=\"82%\"><p>See <a href=\"http://support.microsoft.com/kb/3193713\"><u>Microsoft Knowledge Base article 3193713</u></a></p></td></tr><tr><td width=\"17%\"><p><strong>Registry key verification</strong></p></td><td width=\"82%\"><p>For 32-bit installations of Microsoft Silverlight 5:<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Silverlight \"Version\" = \"<span>5.1.</span> 50905<span>.0</span>\"</p></td></tr><tr><td width=\"17%\"><p>\u00a0</p></td><td width=\"82%\"><p>For 64-bit installations of Microsoft Silverlight 5:<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Silverlight \"Version\" = \"<span>5.1.50901.0</span>\"<br/>and<br/>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Silverlight \"Version\" = \"<span>5.1.</span> 50905<span>.0</span>\"</p></td></tr></tbody></table><h2>How to obtain help and support for this security update</h2><p>Help for installing updates: <a href=\"https://support.microsoft.com/ph/6527\" managed-link=\"\">Support for Microsoft Update</a></p><p>Security solutions for IT professionals: <a href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\">TechNet Security Troubleshooting and Support</a></p><p>Help for protecting your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\">Virus Solution and Security Center</a></p><p>Local support according to your country: <a href=\"http://support.microsoft.com/\" managed-link=\"\">International Support</a></p></body></html>", "edition": 3, "modified": "2017-05-10T00:17:43", "id": "KB4013075", "href": "https://support.microsoft.com/en-us/help/4013075/", "published": "2017-03-14T00:00:00", "title": "MS17-013: Security Update for Microsoft Graphics Component: March 14, 2017", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-04-01T06:16:24", "description": "The remote Windows host is missing a security update. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Multiple elevation of privilege vulnerabilities exist in\n the Windows Graphics Device Interface (GDI) component\n due to improper handling of objects in memory. A local\n attacker can exploit these vulnerabilities, via a\n specially crafted application, to execute arbitrary code\n in kernel mode. (CVE-2017-0001, CVE-2017-0005,\n CVE-2017-0025, CVE-2017-0047)\n\n - Multiple remote code execution vulnerabilities exist in\n the Windows Graphics component due to improper handling\n of objects in memory. An unauthenticated, remote\n attacker can exploit these vulnerabilities, by\n convincing a user to visit a specially crafted web page\n or open a specially crafted document, to execute\n arbitrary code. (CVE-2017-0014, CVE-2017-0108)\n\n - An information disclosure vulnerability exists in the\n Windows Graphics Device Interface (GDI) component due to\n improper handling of objects in memory. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to visit a specially crafted web page\n or open a specially crafted document, to disclose the\n contents of memory. (CVE-2017-0038)\n\n - Multiple information disclosure vulnerabilities exist in\n the Windows Graphics Device Interface (GDI) component\n due to improper handling of memory addresses. A local\n attacker can exploit these vulnerabilities, via a\n specially crafted application, to disclose sensitive\n information. (CVE-2017-0060, CVE-2017-0062,\n CVE-2017-0073)\n\n - Multiple information disclosure vulnerabilities exist in\n the Color Management Module (ICM32.dll) due to improper\n handling of objects in memory. An unauthenticated,\n remote attacker can exploit this, by convincing a user\n to visit a specially crafted web page, to disclose\n sensitive information and bypass usermode Address Space\n Layout Randomization (ASLR). (CVE-2017-0061,\n CVE-2017-0063)", "edition": 39, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-03-17T00:00:00", "title": "MS17-013: Security Update for Microsoft Graphics Component (4013075)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-0001", "CVE-2017-0073", "CVE-2017-0060", "CVE-2017-0025", "CVE-2017-0047", "CVE-2017-0061", "CVE-2017-0014", "CVE-2017-0063", "CVE-2017-0005", "CVE-2017-0038", "CVE-2017-0108", "CVE-2017-0062"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:microsoft:skype_for_business", "cpe:/a:microsoft:lync_basic", "cpe:/o:microsoft:windows", "cpe:/a:microsoft:word_viewer", "cpe:/a:microsoft:silverlight", "cpe:/a:microsoft:office", "cpe:/a:microsoft:lync_attendee", "cpe:/a:microsoft:live_meeting_console", "cpe:/a:microsoft:lync"], "id": "SMB_NT_MS17-013.NASL", "href": "https://www.tenable.com/plugins/nessus/97794", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97794);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\n \"CVE-2017-0001\",\n \"CVE-2017-0005\",\n \"CVE-2017-0014\",\n \"CVE-2017-0025\",\n \"CVE-2017-0038\",\n \"CVE-2017-0047\",\n \"CVE-2017-0060\",\n \"CVE-2017-0061\",\n \"CVE-2017-0062\",\n \"CVE-2017-0063\",\n \"CVE-2017-0073\",\n \"CVE-2017-0108\"\n );\n script_bugtraq_id(\n 96013,\n 96023,\n 96033,\n 96034,\n 96057,\n 96626,\n 96637,\n 96638,\n 96643,\n 96713,\n 96715,\n 96722\n );\n script_xref(name:\"MSFT\", value:\"MS17-013\");\n script_xref(name:\"MSKB\", value:\"3127945\");\n script_xref(name:\"MSKB\", value:\"3127958\");\n script_xref(name:\"MSKB\", value:\"3141535\");\n script_xref(name:\"MSKB\", value:\"3172539\");\n script_xref(name:\"MSKB\", value:\"3178653\");\n script_xref(name:\"MSKB\", value:\"3178656\");\n script_xref(name:\"MSKB\", value:\"3178688\");\n script_xref(name:\"MSKB\", value:\"3178693\");\n script_xref(name:\"MSKB\", value:\"4010096\");\n script_xref(name:\"MSKB\", value:\"4010299\");\n script_xref(name:\"MSKB\", value:\"4010300\");\n script_xref(name:\"MSKB\", value:\"4010301\");\n script_xref(name:\"MSKB\", value:\"4010303\");\n script_xref(name:\"MSKB\", value:\"4010304\");\n script_xref(name:\"MSKB\", value:\"4012212\");\n script_xref(name:\"MSKB\", value:\"4012213\");\n script_xref(name:\"MSKB\", value:\"4012214\");\n script_xref(name:\"MSKB\", value:\"4012215\");\n script_xref(name:\"MSKB\", value:\"4012216\");\n script_xref(name:\"MSKB\", value:\"4012217\");\n script_xref(name:\"MSKB\", value:\"4012497\");\n script_xref(name:\"MSKB\", value:\"4012583\");\n script_xref(name:\"MSKB\", value:\"4017018\");\n script_xref(name:\"MSKB\", value:\"4012584\");\n script_xref(name:\"MSKB\", value:\"4012606\");\n script_xref(name:\"MSKB\", value:\"4013198\");\n script_xref(name:\"MSKB\", value:\"4013429\");\n script_xref(name:\"MSKB\", value:\"4013867\");\n script_xref(name:\"IAVA\", value:\"2017-A-0063\");\n\n script_name(english:\"MS17-013: Security Update for Microsoft Graphics Component (4013075)\");\n script_summary(english:\"Checks the version of win32k.sys or the installed rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing a security update. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Multiple elevation of privilege vulnerabilities exist in\n the Windows Graphics Device Interface (GDI) component\n due to improper handling of objects in memory. A local\n attacker can exploit these vulnerabilities, via a\n specially crafted application, to execute arbitrary code\n in kernel mode. (CVE-2017-0001, CVE-2017-0005,\n CVE-2017-0025, CVE-2017-0047)\n\n - Multiple remote code execution vulnerabilities exist in\n the Windows Graphics component due to improper handling\n of objects in memory. An unauthenticated, remote\n attacker can exploit these vulnerabilities, by\n convincing a user to visit a specially crafted web page\n or open a specially crafted document, to execute\n arbitrary code. (CVE-2017-0014, CVE-2017-0108)\n\n - An information disclosure vulnerability exists in the\n Windows Graphics Device Interface (GDI) component due to\n improper handling of objects in memory. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to visit a specially crafted web page\n or open a specially crafted document, to disclose the\n contents of memory. (CVE-2017-0038)\n\n - Multiple information disclosure vulnerabilities exist in\n the Windows Graphics Device Interface (GDI) component\n due to improper handling of memory addresses. A local\n attacker can exploit these vulnerabilities, via a\n specially crafted application, to disclose sensitive\n information. (CVE-2017-0060, CVE-2017-0062,\n CVE-2017-0073)\n\n - Multiple information disclosure vulnerabilities exist in\n the Color Management Module (ICM32.dll) due to improper\n handling of objects in memory. An unauthenticated,\n remote attacker can exploit this, by convincing a user\n to visit a specially crafted web page, to disclose\n sensitive information and bypass usermode Address Space\n Layout Randomization (ASLR). (CVE-2017-0061,\n CVE-2017-0063)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2017/ms17-013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Windows XP, 2003, Vista,\n2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.\nAdditionally, Microsoft has released a set of patches for Office 2007,\nOffice 2010, Word Viewer, Skype for Business 2016, Lync 2010, Lync\n2010 Attendee, Lync 2013, Lync Basic 2013, Live Meeting 2007 Console,\nand Silverlight 5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-0108\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word_viewer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:live_meeting_console\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:lync\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:lync_basic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:lync_attendee\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:skype_for_business\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:silverlight\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"silverlight_detect.nasl\", \"microsoft_lync_server_installed.nasl\", \"smb_hotfixes.nasl\", \"office_installed.nasl\", \"ms_bulletin_checks_possible.nasl\", \"smb_check_rollup.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nkbs = make_list('3127945',\n '3127958',\n '3141535',\n '3172539',\n '3178653',\n '3178656',\n '3178688',\n '3178693',\n '4010096',\n '4010299',\n '4010300',\n '4010301',\n '4010303',\n '4010304',\n '4012212',\n '4012213',\n '4012214',\n '4012215',\n '4012216',\n '4012217',\n '4012497',\n '4012583',\n '4017018',\n '4012584',\n '4012606',\n '4013198',\n '4013429',\n '4013867'\n);\n\nbulletin = 'MS17-013';\ncommon_office_path = '';\n\nfunction perform_office_checks() {\n local_var office_vers, office_sp, common_path, path, prod, kb, vuln, installs;\n office_vers = hotfix_check_office_version();\n vuln = 0;\n # Office 2003 checks\n if (office_vers[\"11.0\"])\n {\n local_var wvchecks = {\n \"11.0\": {\"version\" : \"11.0.8440.0\",\n \"kb\" : \"3178693\"}\n };\n\n # check if Word Viewer is installed\n installs = get_kb_list(\"SMB/Office/WordViewer/*/ProductPath\");\n\n # install checks only if found\n if (keys(installs))\n {\n if (hotfix_check_office_product(product:\"WordViewer\",\n display_name:\"Word Viewer\",\n checks:wvchecks,\n bulletin:bulletin))\n vuln++;\n\n # word viewer DLL check in common files dir\n common_path = hotfix_get_officecommonfilesdir(officever:\"11.0\");\n path = hotfix_append_path(path:common_path, value:\"Microsoft Shared\\Office11\");\n if (hotfix_check_fversion(file:\"usp10.dll\",\n version:\"1.0626.6002.24058\",\n min_version:\"1.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"3178653\",\n product:\"Microsoft Word Viewer\") == HCF_OLDER)\n vuln++;\n }\n }\n # Office 2007 checks\n if (office_vers[\"12.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n prod = \"Microsoft Office 2007 SP3\";\n common_path = hotfix_get_officecommonfilesdir(officever:\"12.0\");\n path = hotfix_append_path(path:common_path, value:\"Microsoft Shared\\Office12\");\n if (hotfix_check_fversion(file:\"ogl.dll\",\n version:\"12.0.6764.5000\",\n min_version:\"12.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"3127945\",\n product:prod) == HCF_OLDER ||\n hotfix_check_fversion(file:\"usp10.dll\",\n version:\"1.0626.6002.24058\",\n min_version:\"1.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"3141535\",\n product:prod) == HCF_OLDER)\n vuln++;\n path = common_path + \"\\Live Meeting 8\\Addins\\\";\n if (hotfix_check_fversion(file:\"LMAddins.dll\",\n version:\"8.0.6362.264\",\n min_version:\"8.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"4010304\",\n product: \"Live Meeting 2007 Add-in\") == HCF_OLDER)\n vuln ++;\n } # end of SP3 checks\n } # end of Office 2007 checks\n if (office_vers[\"14.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (!isnull(office_sp) && office_sp == 2)\n {\n prod = \"Microsoft Office 2010 SP2\";\n common_path = hotfix_get_officecommonfilesdir(officever:\"14.0\");\n path = hotfix_append_path(path:common_path, value:\"Microsoft Shared\\Office14\");\n if ((hotfix_check_fversion(file:\"ogl.dll\",\n version:\"14.0.7179.5000\",\n min_version:\"14.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"3127958\",\n product:prod) == HCF_OLDER) ||\n (hotfix_check_fversion(file:\"usp10.dll\",\n version:\"1.0626.7601.23668\",\n min_version:\"1.0.0.0\",\n path:path,\n bulletin:bulletin,\n kb:\"3178688\",\n product:prod) == HCF_OLDER))\n vuln++;\n } # end sp2\n\n } # end office 2010`\n return vuln;\n}\n\nfunction lync_is_vuln()\n{\n local_var vuln, lync_count, lync_installs, lync_install;\n local_var lync = \"Microsoft Lync\";\n lync_count = get_install_count(app_name:lync);\n vuln = 0;\n if (int(lync_count) <= 0)\n return FALSE;\n\n lync_installs = get_installs(app_name:lync);\n\n foreach (lync_install in lync_installs[1])\n {\n if ((\"Live Meeting 2007 Console\" >< lync_install[\"Product\"]) &&\n (hotfix_check_fversion(file:\"pubutil.dll\",\n version:\"8.0.6362.264\",\n min_version:\"8.0.0.0\",\n path:lync_install[\"path\"],\n bulletin:bulletin,\n kb:\"4010303\",\n product:\"Live Meeting 2007 Console\") == HCF_OLDER))\n vuln++;\n # the same check works for both Microsoft Lync 2010 and\n # Microsoft Lync 2010 Attendee (Ocpptview.dll, v.4.0.7577.4525)\n if ((\"Microsoft Lync 2010\" >< lync_install[\"Product\"]) &&\n (hotfix_check_fversion(file:\"Ocpptview.dll\",\n version:\"4.0.7577.4525\",\n min_version:\"4.0.0.0\",\n path:lync_install[\"path\"],\n kb:\"4010299\",\n product:\"Microsoft Lync 2010\") == HCF_OLDER))\n vuln++;\n if ((lync_install[\"version\"] =~ \"^4\\.0\\.\" && \"Server\" >!< lync_install[\"Product\"]\n && \"Attendee\" >< lync_install[\"Product\"]))\n {\n if(\"user level\" >< lync_install[\"Product\"] &&\n hotfix_check_fversion(file:\"MeetingJoinAxAOC.DLL\",\n version:\"4.0.7577.4525\",\n min_version:\"4.0.0.0\",\n path:lync_install[\"path\"],\n kb:\"4010300\",\n product:\"Microsoft Lync 2010 Attendee\") == HCF_OLDER)\n vuln++;\n else if (hotfix_check_fversion(file:\"MeetingJoinAxAOC.DLL\",\n version:\"4.0.7577.4525\",\n min_version:\"4.0.0.0\",\n path:lync_install[\"path\"],\n kb:\"4010301\",\n product:\"Microsoft Lync 2010 Attendee\") == HCF_OLDER)\n vuln++;\n }\n if(\"Microsoft Lync\" >< lync_install[\"Product\"] && lync_install[\"version\"] =~ \"^15\\.\" &&\n (hotfix_check_fversion(file:\"Lync.exe\",\n version:\"15.0.4911.1000\",\n min_version:\"15.0.0.0\",\n path:lync_install[\"path\"],\n kb:\"3172539\",\n product:\"Microsoft Lync 2013\") == HCF_OLDER))\n vuln++;\n # Skype for business\n if ((lync_install[\"version\"] =~ \"^16\\.0\\.\" && \"Server\" >!< lync_install[\"Product\"]) &&\n (hotfix_check_fversion(file:\"Lync.exe\",\n version:\"16.0.4510.1000\",\n min_version:\"16.0.0.0\",\n path:lync_install[\"path\"],\n kb:\"3178656\",\n product:\"Skype for Business 2016\") == HCF_OLDER))\n vuln++;\n }\n\n return vuln;\n}\n\nfunction silverlight_is_vuln()\n{\n local_var silver, path, report, fix;\n local_var vuln = 0;\n silver = get_kb_item(\"SMB/Silverlight/Version\");\n if (!isnull(silver) && silver =~ \"^5\\.\")\n {\n fix = \"5.1.50905.0\";\n if (ver_compare(ver:silver, fix:fix) == -1)\n {\n path = get_kb_item(\"SMB/Silverlight/Path\");\n if (isnull(path)) path = 'n/a';\n\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + silver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(report, bulletin:bulletin, kb:\"4013867\");\n vuln++;\n }\n }\n return vuln;\n}\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\n# double check this\nif (hotfix_check_sp_range(xp:'2,3', win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nwin_8 = (\"Windows 8\" >< productname && \"8.1\" >!< productname);\n\nvuln = 0;\nvuln += lync_is_vuln();\nvuln += perform_office_checks();\nvuln += silverlight_is_vuln();\n\nif (\n # Windows XP SP3 (x86)\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"gdi32.dll\", version:\"5.1.2600.7209\", min_version:\"5.1.2600.5000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4012583\", arch:\"x86\") ||\n # Windows Server 2003 SP2 (x64) / Windows XP SP2 (x64)\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"gdi32.dll\", version:\"5.2.3790.6022\", min_version:\"5.2.3790.3000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4012583\", arch:\"x64\") ||\n\n # Vista / 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Gdi32.dll\", version:\"6.0.6002.24081\", min_version:\"6.0.6002.23000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4017018\") ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Gdi32.dll\", version:\"6.0.6002.19758\", min_version:\"6.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4017018\") ||\n hotfix_is_vulnerable(os:'6.0', sp:2, file:'Icm32.dll', version:'6.0.6002.24065', min_version:'6.0.6002.23000', dir:\"\\system32\", bulletin:bulletin, kb:\"4012584\") ||\n hotfix_is_vulnerable(os:'6.0', sp:2, file:'Icm32.dll', version:'6.0.6002.19741', min_version:'6.0.6002.18000', dir:\"\\system32\", bulletin:bulletin, kb:\"4012584\") ||\n hotfix_is_vulnerable(os:'6.0', sp:2, file:'Win32k.sys', version:'6.0.6002.24065', min_version:'6.0.6002.23000', dir:\"\\system32\", bulletin:bulletin, kb:\"4012497\") ||\n hotfix_is_vulnerable(os:'6.0', sp:2, file:'Win32k.sys', version:'6.0.6002.19741', min_version:'6.0.6002.18000', dir:\"\\system32\", bulletin:bulletin, kb:\"4012497\") ||\n\n # Windows 8\n hotfix_is_vulnerable(os:'6.2', file:'gdiplus.dll', version:'6.2.9200.22082', min_version:'6.2.9200.17000', dir:\"\\system32\", bulletin:bulletin, kb:\"4012583\") ||\n\n # 7 SP1 / 2008 R2 SP1\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4012212, 4012215)) ||\n\n # 8.1 / 2012 R2\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4012213, 4012216)) ||\n # 2012\n (smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4012214, 4012217)) &&\n (!win_8) # must be 2012, not Win 8 to check rollup\n ) ||\n # 2012 R2\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4012213, 4012216)) ||\n # 10 (1507)\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4012606)) ||\n # 10 (1511)\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10586\",\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4013198)) ||\n # 10 (1607)\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date: \"03_2017\",\n bulletin:bulletin,\n rollup_kb_list:make_list(4013429)) ||\n vuln\n)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-08T23:26:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-0001", "CVE-2017-0073", "CVE-2017-0060", "CVE-2017-0025", "CVE-2017-0047", "CVE-2017-0061", "CVE-2017-0014", "CVE-2017-0063", "CVE-2017-0005", "CVE-2017-0038", "CVE-2017-0108", "CVE-2017-0062"], "description": "This host is missing a critical security\n update according to Microsoft Bulletin MS17-013.", "modified": "2020-06-04T00:00:00", "published": "2017-03-15T00:00:00", "id": "OPENVAS:1361412562310810811", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810811", "type": "openvas", "title": "Microsoft Graphics Component Multiple Vulnerabilities (4013075)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Graphics Component Multiple Vulnerabilities (4013075)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810811\");\n script_version(\"2020-06-04T12:11:49+0000\");\n script_cve_id(\"CVE-2017-0001\", \"CVE-2017-0005\", \"CVE-2017-0025\", \"CVE-2017-0047\",\n \"CVE-2017-0060\", \"CVE-2017-0062\", \"CVE-2017-0073\", \"CVE-2017-0061\",\n \"CVE-2017-0063\", \"CVE-2017-0038\", \"CVE-2017-0108\", \"CVE-2017-0014\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 12:11:49 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-03-15 11:04:14 +0530 (Wed, 15 Mar 2017)\");\n script_name(\"Microsoft Graphics Component Multiple Vulnerabilities (4013075)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft Bulletin MS17-013.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - The way the Windows Graphics Device Interface (GDI) handles objects in memory.\n\n - The Windows GDI component improperly discloses the contents of its memory.\n\n - The way that the Color Management Module (ICM32.dll) handles objects in memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to perform remote code execution, gain access to potentially sensitive\n information and gain elevated privileges.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 8 x86/x64\n\n - Microsoft Windows XP SP2 x64 / SP3 x86\n\n - Microsoft Windows 8.1 x32/x64\n\n - Microsoft Windows 10/1511/1607 x32/x64\n\n - Microsoft Windows Server 2012/2012R2/2016\n\n - Microsoft Windows Vista x32/x64 Edition Service Pack 2\n\n - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2\n\n - Microsoft Windows 7 x32/x64 Edition Service Pack 1\n\n - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1\n\n - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/kb/4013075\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/library/security/MS17-013\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(winVista:3, winVistax64:3, win7:2, win7x64:2, win2008:3, win2008r2:2,\n win2008x64:3, win2012:1, win2012R2:1, win8_1:1, win8_1x64:1, win10:1,\n win10x64:1, win2016:1, win8:1, win8x64:1, xp:4, xpx64:3, win2003:3,\n win2003x64:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nuspVer = fetch_file_version(sysPath:sysPath, file_name:\"Usp10.dll\");\nwinVer = fetch_file_version(sysPath:sysPath, file_name:\"Win32k.sys\");\nicmVer = fetch_file_version(sysPath:sysPath, file_name:\"icm32.dll\");\ngdiVer = fetch_file_version(sysPath:sysPath, file_name:\"gdi32.dll\");\n\nif(!uspVer && !winVer && !icmVer && !gdiVer){\n exit(0);\n}\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n{\n ## Presently GDR information is not available.\n if(winVer && version_is_less(version:winVer, test_version:\"6.1.7601.23677\"))\n {\n Vulnerable_range = \"Less than 6.1.7601.23677\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n if(winVer && version_is_less(version:winVer, test_version:\"6.0.6002.19741\"))\n {\n Vulnerable_range = \"Less than 6.0.6002.19741\";\n VULN = TRUE ;\n }\n\n else if(winVer && version_in_range(version:winVer, test_version:\"6.0.6002.24000\", test_version2:\"6.0.6002.24064\"))\n {\n Vulnerable_range = \"6.0.6002.24000 - 6.0.6002.24064\";\n VULN = TRUE ;\n }\n\n else if(uspVer && version_is_less(version:uspVer, test_version:\"1.626.6002.19743\"))\n {\n Vulnerable_range1 = \"Less than 1.626.6002.19743\";\n VULN1 = TRUE ;\n }\n\n else if(uspVer && version_in_range(version:uspVer, test_version:\"1.626.6002.24000\", test_version2:\"1.626.6002.24066\"))\n {\n Vulnerable_range1 = \"1.626.6002.24000 - 1.626.6002.24066\";\n VULN1 = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(winVistax64:3, win2008x64:3) > 0)\n{\n if(icmVer && version_is_less(version:icmVer, test_version:\"6.0.6002.19741\"))\n {\n Vulnerable_range2 = \"Less than 6.0.6002.19741\";\n VULN2 = TRUE ;\n }\n\n else if(winVer && version_in_range(version:icmVer, test_version:\"6.0.6002.24000\", test_version2:\"6.0.6002.24064\"))\n {\n Vulnerable_range2 = \"6.0.6002.24000 - 6.0.6002.24064\";\n VULN2 = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win2012:1) > 0)\n{\n if(winVer && version_is_less(version:winVer, test_version:\"6.2.9200.22097\"))\n {\n Vulnerable_range = \"Less than 6.2.9200.22097\";\n VULN = TRUE ;\n }\n}\n\n## Win 8.1 and win2012R2\nelse if(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) > 0)\n{\n if(winVer && version_is_less(version:winVer, test_version:\"6.3.9600.18603\"))\n {\n Vulnerable_range = \"Less than 6.3.9600.18603\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win10:1, win10x64:1, win2016:1) > 0)\n{\n if(winVer && version_is_less(version:winVer, test_version:\"10.0.10240.16384\") )\n {\n Vulnerable_range = \"Less than 10.0.10240.16384\";\n VULN = TRUE;\n }\n\n else if(winVer && version_in_range(version:winVer, test_version:\"10.0.10586.0\", test_version2:\"10.0.10586.19\"))\n {\n Vulnerable_range = \"10.0.10586.0 - 10.0.10586.19\";\n VULN = TRUE ;\n }\n\n else if( winVer && version_in_range(version:winVer, test_version:\"10.0.14393.0\", test_version2:\"10.0.14393.593\"))\n {\n Vulnerable_range = \"10.0.14393.0 - 10.0.14393.593\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(xp:4) > 0)\n{\n if(gdiVer && version_is_less(version:gdiVer, test_version:\"5.1.2600.7209\"))\n {\n Vulnerable_range3 = \"Less than 5.1.2600.7209\";\n VULN3 = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win2003:3, win2003x64:3, xpx64:3) > 0)\n{\n if(gdiVer && version_is_less(version:gdiVer, test_version:\"5.2.3790.6022\"))\n {\n Vulnerable_range3 = \"Less than 5.2.3790.6022\";\n VULN3 = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win8:1, win8x64:1) > 0)\n{\n if(gdiVer && version_is_less(version:gdiVer, test_version:\"6.2.9200.22084\"))\n {\n Vulnerable_range3 = \"Less than 6.2.9200.22084\";\n VULN3 = TRUE ;\n }\n}\n\n\n\nif(VULN)\n{\n report = 'File checked: ' + sysPath + \"\\Win32k.sys\" + '\\n' +\n 'File version: ' + winVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range + '\\n' ;\n security_message(data:report);\n exit(0);\n}\n\nelse if(VULN1)\n{\n report = 'File checked: ' + sysPath + \"\\Usp10.dll\" + '\\n' +\n 'File version: ' + uspVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range1 + '\\n' ;\n security_message(data:report);\n exit(0);\n}\n\nelse if(VULN2)\n{\n report = 'File checked: ' + sysPath + \"\\icm32.dll\" + '\\n' +\n 'File version: ' + icmVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range2 + '\\n' ;\n security_message(data:report);\n exit(0);\n}\n\nelse if(VULN3)\n{\n report = 'File checked: ' + sysPath + \"\\gdi32.dll\" + '\\n' +\n 'File version: ' + gdiVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range3 + '\\n' ;\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:53:03", "bulletinFamily": "info", "cvelist": ["CVE-2017-0099", "CVE-2017-0008", "CVE-2017-0101", "CVE-2017-0118", "CVE-2017-0084", "CVE-2017-0117", "CVE-2017-0001", "CVE-2017-0055", "CVE-2017-0073", "CVE-2017-0045", "CVE-2017-0102", "CVE-2017-0125", "CVE-2017-0090", "CVE-2017-0104", "CVE-2017-0089", "CVE-2017-0091", "CVE-2017-0115", "CVE-2017-0096", "CVE-2017-0121", "CVE-2017-0040", "CVE-2017-0050", "CVE-2017-0144", "CVE-2017-0060", "CVE-2017-0116", "CVE-2017-0009", "CVE-2017-0120", "CVE-2017-0025", "CVE-2017-0075", "CVE-2017-0086", "CVE-2017-0124", "CVE-2017-0109", "CVE-2017-0148", "CVE-2017-0119", "CVE-2017-0126", "CVE-2017-0130", "CVE-2017-0113", "CVE-2017-0097", "CVE-2017-0147", "CVE-2017-0112", "CVE-2017-0083", "CVE-2017-0042", "CVE-2017-0047", "CVE-2017-0056", "CVE-2017-0087", "CVE-2017-0123", "CVE-2017-0092", "CVE-2017-0085", "CVE-2017-0103", "CVE-2017-0043", "CVE-2017-0061", "CVE-2017-0014", "CVE-2017-0100", "CVE-2017-0122", "CVE-2017-0063", "CVE-2017-0005", "CVE-2017-0088", "CVE-2017-0128", "CVE-2017-0072", "CVE-2017-0114", "CVE-2017-0146", "CVE-2017-0076", "CVE-2017-0111", "CVE-2017-0038", "CVE-2017-0143", "CVE-2017-0149", "CVE-2017-0108", "CVE-2017-0059", "CVE-2017-0039", "CVE-2017-0062", "CVE-2017-0145", "CVE-2017-0022", "CVE-2017-0127"], "description": "### *Detect date*:\n03/14/2017\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service.\n\n### *Exploitation*:\nThis vulnerability can be exploited by the following malware:\n\n### *Affected products*:\nMicrosoft Silverlight 5 when installed on Microsoft Windows (x64-based) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows Vista x64 Edition Service Pack 2 \nInternet Explorer 9 \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nMicrosoft Office 2010 Service Pack 2 (32-bit editions) \nSkype for Business 2016 (64-bit) \nWindows 8.1 for x64-based systems \nWindows 8.1 for 32-bit systems \nWindows Vista Service Pack 2 \nMicrosoft XML Core Services 3.0 \nMicrosoft Lync 2013 Service Pack 1 (64-bit) \nMicrosoft Office 2010 Service Pack 2 (64-bit editions) \nInternet Explorer 11 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nMicrosoft Lync Basic 2013 Service Pack 1 (64-bit) \nWindows Server 2016 \nMicrosoft Lync 2010 Attendee (admin level install) \nSkype for Business 2016 Basic (32-bit) \nMicrosoft Live Meeting 2007 Add-in \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows RT 8.1 \nSkype for Business 2016 (32-bit) \nMicrosoft Lync 2010 Attendee (user level install) \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows 10 Version 1511 for 32-bit Systems \nMicrosoft Lync 2010 (64-bit) \nMicrosoft Office Word Viewer \nMicrosoft Live Meeting 2007 Console \nMicrosoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit) \nMicrosoft Edge (EdgeHTML-based) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nMicrosoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based) \nMicrosoft Office 2007 Service Pack 3 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1511 for x64-based Systems \nSkype for Business 2016 Basic (64-bit) \nMicrosoft Lync Basic 2013 Service Pack 1 (32-bit) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nInternet Explorer 10 \nMicrosoft Lync 2010 (32-bit) \nMicrosoft Silverlight 5 when installed on Microsoft Windows (32-bit) \nWindows Server 2012 R2 \nMicrosoft Lync 2013 Service Pack 1 (32-bit)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2017-0108](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0108>) \n[CVE-2017-0109](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0109>) \n[CVE-2017-0072](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0072>) \n[CVE-2017-0100](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0100>) \n[CVE-2017-0101](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0101>) \n[CVE-2017-0102](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0102>) \n[CVE-2017-0143](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0143>) \n[CVE-2017-0104](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0104>) \n[CVE-2017-0022](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0022>) \n[CVE-2017-0001](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0001>) \n[CVE-2017-0145](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0145>) \n[CVE-2017-0120](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0120>) \n[CVE-2017-0147](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0147>) \n[CVE-2017-0005](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0005>) \n[CVE-2017-0127](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0127>) \n[CVE-2017-0124](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0124>) \n[CVE-2017-0125](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0125>) \n[CVE-2017-0009](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0009>) \n[CVE-2017-0008](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0008>) \n[CVE-2017-0047](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0047>) \n[CVE-2017-0060](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0060>) \n[CVE-2017-0148](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0148>) \n[CVE-2017-0061](<https://nvd.nist.gov/vuln/detail/CVE-2017-0061>) \n[CVE-2017-0043](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0043>) \n[CVE-2017-0042](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0042>) \n[CVE-2017-0045](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0045>) \n[CVE-2017-0119](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0119>) \n[CVE-2017-0062](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0062>) \n[CVE-2017-0149](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0149>) \n[CVE-2017-0099](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0099>) \n[CVE-2017-0144](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0144>) \n[CVE-2017-0040](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0040>) \n[CVE-2017-0090](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0090>) \n[CVE-2017-0091](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0091>) \n[CVE-2017-0096](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0096>) \n[CVE-2017-0097](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0097>) \n[CVE-2017-0038](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0038>) \n[CVE-2017-0039](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0039>) \n[CVE-2017-0103](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0103>) \n[CVE-2017-0063](<https://nvd.nist.gov/vuln/detail/CVE-2017-0063>) \n[CVE-2017-0118](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0118>) \n[CVE-2017-0117](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0117>) \n[CVE-2017-0116](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0116>) \n[CVE-2017-0115](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0115>) \n[CVE-2017-0114](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0114>) \n[CVE-2017-0113](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0113>) \n[CVE-2017-0112](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0112>) \n[CVE-2017-0111](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0111>) \n[CVE-2017-0092](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0092>) \n[CVE-2017-0076](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0076>) \n[CVE-2017-0014](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0014>) \n[CVE-2017-0059](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0059>) \n[CVE-2017-0056](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0056>) \n[CVE-2017-0055](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0055>) \n[CVE-2017-0050](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0050>) \n[CVE-2017-0123](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0123>) \n[CVE-2017-0122](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0122>) \n[CVE-2017-0073](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0073>) \n[CVE-2017-0075](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0075>) \n[CVE-2017-0025](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0025>) \n[CVE-2017-0146](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0146>) \n[CVE-2017-0128](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0128>) \n[CVE-2017-0089](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0089>) \n[CVE-2017-0088](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0088>) \n[CVE-2017-0121](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0121>) \n[CVE-2017-0130](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0130>) \n[CVE-2017-0126](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0126>) \n[CVE-2017-0083](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0083>) \n[CVE-2017-0085](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0085>) \n[CVE-2017-0084](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0084>) \n[CVE-2017-0087](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0087>) \n[CVE-2017-0086](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0086>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2017-0042](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0042>)0.0Unknown \n[CVE-2017-0096](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0096>)0.0Unknown \n[CVE-2017-0097](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0097>)0.0Unknown \n[CVE-2017-0099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0099>)0.0Unknown \n[CVE-2017-0109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0109>)0.0Unknown \n[CVE-2017-0075](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0075>)0.0Unknown \n[CVE-2017-0076](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0076>)0.0Unknown \n[CVE-2017-0055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055>)0.0Unknown \n[CVE-2017-0102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0102>)0.0Unknown \n[CVE-2017-0103](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0103>)0.0Unknown \n[CVE-2017-0101](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0101>)0.0Unknown \n[CVE-2017-0050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0050>)0.0Unknown \n[CVE-2017-0056](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0056>)0.0Unknown \n[CVE-2017-0043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0043>)0.0Unknown \n[CVE-2017-0045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0045>)0.0Unknown \n[CVE-2017-0022](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0022>)0.0Unknown \n[CVE-2017-0143](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143>)0.0Unknown \n[CVE-2017-0144](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144>)0.0Unknown \n[CVE-2017-0145](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145>)0.0Unknown \n[CVE-2017-0146](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0146>)0.0Unknown \n[CVE-2017-0147](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147>)0.0Unknown \n[CVE-2017-0148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0148>)0.0Unknown \n[CVE-2017-0014](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0014>)0.0Unknown \n[CVE-2017-0060](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0060>)0.0Unknown \n[CVE-2017-0061](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0061>)0.0Unknown \n[CVE-2017-0062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0062>)0.0Unknown \n[CVE-2017-0063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0063>)0.0Unknown \n[CVE-2017-0025](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0025>)0.0Unknown \n[CVE-2017-0073](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0073>)0.0Unknown \n[CVE-2017-0108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0108>)0.0Unknown \n[CVE-2017-0038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0038>)0.0Unknown \n[CVE-2017-0001](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0001>)0.0Unknown \n[CVE-2017-0005](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0005>)0.0Unknown \n[CVE-2017-0047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0047>)0.0Unknown \n[CVE-2017-0072](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0072>)0.0Unknown \n[CVE-2017-0083](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0083>)0.0Unknown \n[CVE-2017-0084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0084>)0.0Unknown \n[CVE-2017-0085](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0085>)0.0Unknown \n[CVE-2017-0086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0086>)0.0Unknown \n[CVE-2017-0087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0087>)0.0Unknown \n[CVE-2017-0088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0088>)0.0Unknown \n[CVE-2017-0089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0089>)0.0Unknown \n[CVE-2017-0090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0090>)0.0Unknown \n[CVE-2017-0091](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0091>)0.0Unknown \n[CVE-2017-0092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0092>)0.0Unknown \n[CVE-2017-0111](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0111>)0.0Unknown \n[CVE-2017-0112](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0112>)0.0Unknown \n[CVE-2017-0113](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0113>)0.0Unknown \n[CVE-2017-0114](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0114>)0.0Unknown \n[CVE-2017-0115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0115>)0.0Unknown \n[CVE-2017-0116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0116>)0.0Unknown \n[CVE-2017-0117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0117>)0.0Unknown \n[CVE-2017-0118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0118>)0.0Unknown \n[CVE-2017-0119](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0119>)0.0Unknown \n[CVE-2017-0120](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0120>)0.0Unknown \n[CVE-2017-0121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0121>)0.0Unknown \n[CVE-2017-0122](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0122>)0.0Unknown \n[CVE-2017-0123](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0123>)0.0Unknown \n[CVE-2017-0124](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0124>)0.0Unknown \n[CVE-2017-0125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0125>)0.0Unknown \n[CVE-2017-0126](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0126>)0.0Unknown \n[CVE-2017-0127](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0127>)0.0Unknown \n[CVE-2017-0128](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0128>)0.0Unknown \n[CVE-2017-0009](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0009>)0.0Unknown \n[CVE-2017-0059](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0059>)0.0Unknown \n[CVE-2017-0130](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0130>)0.0Unknown \n[CVE-2017-0149](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0149>)0.0Unknown \n[CVE-2017-0008](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0008>)0.0Unknown \n[CVE-2017-0040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0040>)0.0Unknown \n[CVE-2017-0100](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0100>)0.0Unknown \n[CVE-2017-0104](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0104>)0.0Unknown \n[CVE-2017-0039](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0039>)0.0Unknown\n\n### *KB list*:\n[4012204](<http://support.microsoft.com/kb/4012204>) \n[4012215](<http://support.microsoft.com/kb/4012215>) \n[3211306](<http://support.microsoft.com/kb/3211306>) \n[4012212](<http://support.microsoft.com/kb/4012212>) \n[4012598](<http://support.microsoft.com/kb/4012598>) \n[4012583](<http://support.microsoft.com/kb/4012583>) \n[3217587](<http://support.microsoft.com/kb/3217587>) \n[4012021](<http://support.microsoft.com/kb/4012021>) \n[4012373](<http://support.microsoft.com/kb/4012373>) \n[4012497](<http://support.microsoft.com/kb/4012497>) \n[4017018](<http://support.microsoft.com/kb/4017018>) \n[4012584](<http://support.microsoft.com/kb/4012584>) \n[3218362](<http://support.microsoft.com/kb/3218362>) \n[4011981](<http://support.microsoft.com/kb/4011981>) \n[3217882](<http://support.microsoft.com/kb/3217882>) \n[3214051](<http://support.microsoft.com/kb/3214051>)\n\n### *Microsoft official advisories*:", "edition": 1, "modified": "2020-07-22T00:00:00", "published": "2017-03-14T00:00:00", "id": "KLA11902", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11902", "title": "\r KLA11902Multiple vulnerabilities in Microsoft Products (ESU) ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-03T07:12:30", "bulletinFamily": "info", "cvelist": ["CVE-2017-0098", "CVE-2017-0099", "CVE-2017-0008", "CVE-2017-0101", "CVE-2017-0078", "CVE-2017-0118", "CVE-2017-0051", "CVE-2017-0084", "CVE-2017-0117", "CVE-2017-0081", "CVE-2017-0001", "CVE-2017-0080", "CVE-2017-0055", "CVE-2017-0073", "CVE-2017-0045", "CVE-2017-0102", "CVE-2017-0125", "CVE-2017-0021", "CVE-2017-0090", "CVE-2017-0104", "CVE-2017-0089", "CVE-2017-0091", "CVE-2017-0115", "CVE-2017-0096", "CVE-2017-0024", "CVE-2017-0121", "CVE-2017-0050", "CVE-2017-0144", "CVE-2017-0060", "CVE-2017-0116", "CVE-2017-0082", "CVE-2017-0120", "CVE-2017-0007", "CVE-2017-0025", "CVE-2017-0075", "CVE-2017-0086", "CVE-2017-0016", "CVE-2017-0124", "CVE-2017-0109", "CVE-2017-0148", "CVE-2017-0119", "CVE-2017-0126", "CVE-2017-0130", "CVE-2017-0113", "CVE-2017-0097", "CVE-2017-0147", "CVE-2017-0112", "CVE-2017-0083", "CVE-2017-0047", "CVE-2017-0057", "CVE-2017-0095", "CVE-2017-0056", "CVE-2017-0087", "CVE-2017-0079", "CVE-2017-0123", "CVE-2017-0092", "CVE-2017-0026", "CVE-2017-0085", "CVE-2017-0103", "CVE-2017-0043", "CVE-2017-0061", "CVE-2017-0014", "CVE-2017-0100", "CVE-2017-0122", "CVE-2017-0063", "CVE-2017-0005", "CVE-2017-0088", "CVE-2017-0128", "CVE-2017-0072", "CVE-2017-0114", "CVE-2017-0146", "CVE-2017-0076", "CVE-2017-0111", "CVE-2017-0074", "CVE-2017-0038", "CVE-2017-0143", "CVE-2017-0108", "CVE-2017-0039", "CVE-2017-0062", "CVE-2017-0145", "CVE-2017-0022", "CVE-2017-0127"], "description": "### *Detect date*:\n03/14/2017\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service.\n\n### *Affected products*:\nMicrosoft Windows Vista Service Pack 2 \nMicrosoft Windows 7 Service Pack 1 \nMicrosoft Windows 8.1 \nMicrosoft Windows RT 8.1 \nMicrosoft Windows 10 \nMicrosoft Windows Server 2008 Service Pack 2 \nMicrosoft Windows Server 2008 R2 Service Pack 1 \nMicrosoft Windows Server 2012 \nMicrosoft Windows Server 2012 R2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[MS17-012](<https://technet.microsoft.com/library/security/MS17-012>) \n[CVE-2017-0051](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0051>) \n[CVE-2017-0021](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0021>) \n[CVE-2017-0095](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0095>) \n[CVE-2017-0096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0096>) \n[CVE-2017-0097](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0097>) \n[CVE-2017-0098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0098>) \n[CVE-2017-0099](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099>) \n[CVE-2017-0109](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0109>) \n[CVE-2017-0074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0074>) \n[CVE-2017-0075](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0075>) \n[CVE-2017-0076](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0076>) \n[CVE-2017-0055](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0055>) \n[CVE-2017-0102](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0102>) \n[CVE-2017-0103](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0103>) \n[CVE-2017-0101](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101>) \n[CVE-2017-0050](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0050>) \n[CVE-2017-0056](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0056>) \n[CVE-2017-0024](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0024>) \n[CVE-2017-0026](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0026>) \n[CVE-2017-0078](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0078>) \n[CVE-2017-0079](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0079>) \n[CVE-2017-0080](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0080>) \n[CVE-2017-0081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0081>) \n[CVE-2017-0082](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0082>) \n[CVE-2017-0043](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0043>) \n[CVE-2017-0045](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0045>) \n[CVE-2017-0022](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0022>) \n[CVE-2017-0143](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0143>) \n[CVE-2017-0144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144>) \n[CVE-2017-0145](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0145>) \n[CVE-2017-0146](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0146>) \n[CVE-2017-0147](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0147>) \n[CVE-2017-0148](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148>) \n[CVE-2017-0014](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0014>) \n[CVE-2017-0060](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0060>) \n[CVE-2017-0061](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0061>) \n[CVE-2017-0062](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0062>) \n[CVE-2017-0063](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0063>) \n[CVE-2017-0025](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0025>) \n[CVE-2017-0073](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0073>) \n[CVE-2017-0108](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0108>) \n[CVE-2017-0038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0038>) \n[CVE-2017-0001](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0001>) \n[CVE-2017-0005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0005>) \n[CVE-2017-0047](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0047>) \n[CVE-2017-0072](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0072>) \n[CVE-2017-0083](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0083>) \n[CVE-2017-0084](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0084>) \n[CVE-2017-0085](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0085>) \n[CVE-2017-0086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0086>) \n[CVE-2017-0087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0087>) \n[CVE-2017-0088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0088>) \n[CVE-2017-0089](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0089>) \n[CVE-2017-0090](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0090>) \n[CVE-2017-0091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0091>) \n[CVE-2017-0092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0092>) \n[CVE-2017-0111](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0111>) \n[CVE-2017-0112](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0112>) \n[CVE-2017-0113](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0113>) \n[CVE-2017-0114](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0114>) \n[CVE-2017-0115](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0115>) \n[CVE-2017-0116](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0116>) \n[CVE-2017-0117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0117>) \n[CVE-2017-0118](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0118>) \n[CVE-2017-0119](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0119>) \n[CVE-2017-0120](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0120>) \n[CVE-2017-0121](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0121>) \n[CVE-2017-0122](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0122>) \n[CVE-2017-0123](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0123>) \n[CVE-2017-0124](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0124>) \n[CVE-2017-0125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0125>) \n[CVE-2017-0126](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0126>) \n[CVE-2017-0127](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0127>) \n[CVE-2017-0128](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0128>) \n[CVE-2017-0130](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0130>) \n[CVE-2017-0008](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0008>) \n[CVE-2017-0057](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0057>) \n[CVE-2017-0100](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0100>) \n[CVE-2017-0104](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0104>) \n[CVE-2017-0007](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0007>) \n[CVE-2017-0016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0016>) \n[CVE-2017-0039](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0039>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows Vista](<https://threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/>)\n\n### *CVE-IDS*:\n[CVE-2017-0051](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0051>)2.9Warning \n[CVE-2017-0021](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0021>)7.7Critical \n[CVE-2017-0095](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0095>)7.9Critical \n[CVE-2017-0096](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0096>)2.3Warning \n[CVE-2017-0097](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0097>)2.3Warning \n[CVE-2017-0098](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0098>)2.9Warning \n[CVE-2017-0099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0099>)2.3Warning \n[CVE-2017-0109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0109>)7.4High \n[CVE-2017-0074](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0074>)2.3Warning \n[CVE-2017-0075](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0075>)7.4High \n[CVE-2017-0076](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0076>)2.9Warning \n[CVE-2017-0055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055>)4.3Warning \n[CVE-2017-0102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0102>)4.6Warning \n[CVE-2017-0103](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0103>)4.4Warning \n[CVE-2017-0101](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0101>)6.8High \n[CVE-2017-0050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0050>)7.2High \n[CVE-2017-0056](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0056>)7.2High \n[CVE-2017-0024](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0024>)7.2High \n[CVE-2017-0026](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0026>)7.2High \n[CVE-2017-0078](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0078>)7.2High \n[CVE-2017-0079](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0079>)7.2High \n[CVE-2017-0080](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0080>)7.2High \n[CVE-2017-0081](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0081>)7.2High \n[CVE-2017-0082](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0082>)7.2High \n[CVE-2017-0043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0043>)2.9Warning \n[CVE-2017-0045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0045>)4.3Warning \n[CVE-2017-0022](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0022>)4.3Warning \n[CVE-2017-0143](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143>)9.3Critical \n[CVE-2017-0144](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144>)9.3Critical \n[CVE-2017-0145](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145>)9.3Critical \n[CVE-2017-0146](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0146>)9.3Critical \n[CVE-2017-0147](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147>)4.3Warning \n[CVE-2017-0148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0148>)9.3Critical \n[CVE-2017-0014](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0014>)7.6Critical \n[CVE-2017-0060](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0060>)1.9Warning \n[CVE-2017-0061](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0061>)2.6Warning \n[CVE-2017-0062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0062>)1.9Warning \n[CVE-2017-0063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0063>)4.3Warning \n[CVE-2017-0025](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0025>)7.2High \n[CVE-2017-0073](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0073>)4.3Warning \n[CVE-2017-0108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0108>)9.3Critical \n[CVE-2017-0038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0038>)4.3Warning \n[CVE-2017-0001](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0001>)7.2High \n[CVE-2017-0005](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0005>)6.9High \n[CVE-2017-0047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0047>)7.2High \n[CVE-2017-0072](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0072>)9.3Critical \n[CVE-2017-0083](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0083>)9.3Critical \n[CVE-2017-0084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0084>)9.3Critical \n[CVE-2017-0085](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0085>)4.3Warning \n[CVE-2017-0086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0086>)9.3Critical \n[CVE-2017-0087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0087>)9.3Critical \n[CVE-2017-0088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0088>)9.3Critical \n[CVE-2017-0089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0089>)9.3Critical \n[CVE-2017-0090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0090>)9.3Critical \n[CVE-2017-0091](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0091>)4.3Warning \n[CVE-2017-0092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0092>)4.3Warning \n[CVE-2017-0111](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0111>)4.3Warning \n[CVE-2017-0112](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0112>)4.3Warning \n[CVE-2017-0113](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0113>)4.3Warning \n[CVE-2017-0114](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0114>)4.3Warning \n[CVE-2017-0115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0115>)4.3Warning \n[CVE-2017-0116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0116>)4.3Warning \n[CVE-2017-0117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0117>)4.3Warning \n[CVE-2017-0118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0118>)4.3Warning \n[CVE-2017-0119](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0119>)4.3Warning \n[CVE-2017-0120](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0120>)4.3Warning \n[CVE-2017-0121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0121>)4.3Warning \n[CVE-2017-0122](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0122>)4.3Warning \n[CVE-2017-0123](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0123>)4.3Warning \n[CVE-2017-0124](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0124>)4.3Warning \n[CVE-2017-0125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0125>)4.3Warning \n[CVE-2017-0126](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0126>)4.3Warning \n[CVE-2017-0127](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0127>)4.3Warning \n[CVE-2017-0128](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0128>)4.3Warning \n[CVE-2017-0130](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0130>)7.6Critical \n[CVE-2017-0008](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0008>)4.3Warning \n[CVE-2017-0057](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0057>)4.3Warning \n[CVE-2017-0100](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0100>)4.4Warning \n[CVE-2017-0104](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0104>)9.3Critical \n[CVE-2017-0007](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0007>)2.1Warning \n[CVE-2017-0016](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0016>)7.1High \n[CVE-2017-0039](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0039>)9.3Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[4012217](<http://support.microsoft.com/kb/4012217>) \n[4012215](<http://support.microsoft.com/kb/4012215>) \n[4012216](<http://support.microsoft.com/kb/4012216>) \n[4012606](<http://support.microsoft.com/kb/4012606>) \n[4013198](<http://support.microsoft.com/kb/4013198>) \n[4013429](<http://support.microsoft.com/kb/4013429>) \n[3211306](<http://support.microsoft.com/kb/3211306>) \n[4012212](<http://support.microsoft.com/kb/4012212>) \n[4012214](<http://support.microsoft.com/kb/4012214>) \n[4012213](<http://support.microsoft.com/kb/4012213>) \n[4012598](<http://support.microsoft.com/kb/4012598>) \n[4012583](<http://support.microsoft.com/kb/4012583>) \n[3217587](<http://support.microsoft.com/kb/3217587>) \n[4012021](<http://support.microsoft.com/kb/4012021>) \n[4012373](<http://support.microsoft.com/kb/4012373>) \n[4012497](<http://support.microsoft.com/kb/4012497>) \n[4017018](<http://support.microsoft.com/kb/4017018>) \n[4012584](<http://support.microsoft.com/kb/4012584>) \n[3218362](<http://support.microsoft.com/kb/3218362>) \n[3205715](<http://support.microsoft.com/kb/3205715>) \n[4011981](<http://support.microsoft.com/kb/4011981>) \n[3217882](<http://support.microsoft.com/kb/3217882>)\n\n### *Exploitation*:\nThis vulnerability can be exploited by the following malware:", "edition": 45, "modified": "2020-11-30T00:00:00", "published": "2017-03-14T00:00:00", "id": "KLA10979", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10979", "title": "\r KLA10979Multiple vulnerabilities in Microsoft Windows ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
