KLA10980Multiple vulnerabilities in Microsoft Graphics Component

2017-03-14T00:00:00
ID KLA10980
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/14/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Graphics Component. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information and execute arbitrary code.

Affected products:

Microsoft Windows Vista Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Office 2007
Microsoft Office 2010
Microsoft Lync 2010
Microsoft Lync 2013
Skype for Business 2016

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS17-013
CVE-2017-0014
CVE-2017-0060
CVE-2017-0061
CVE-2017-0062
CVE-2017-0063
CVE-2017-0025
CVE-2017-0073
CVE-2017-0108
CVE-2017-0038
CVE-2017-0001
CVE-2017-0005
CVE-2017-0047

Impacts:

ACE

Related products:

Microsoft Office Professional Plus 2010

CVE-IDS:

CVE-2017-00147.6Critical
CVE-2017-00601.9Critical
CVE-2017-00612.6Critical
CVE-2017-00621.9Critical
CVE-2017-00634.3Critical
CVE-2017-00257.2Critical
CVE-2017-00734.3Critical
CVE-2017-01089.3Critical
CVE-2017-00384.3Critical
CVE-2017-00017.2Critical
CVE-2017-00056.9Critical
CVE-2017-00477.2Critical

Microsoft official advisories:

KB list:

4012217
4012215
4012216
4012606
4013198
4013429
4012212
4012214
4012213
4012583
4012497
4017018
4012584
4013075
3127945
3127958
3141535
3172539
3178653
3178656
3178688
3178693
4010299
4010300
4010301
4010303
4010304
4013867