Kaspersky LabKLA11051KLA11051 Multiple vulnerabilities in Microsoft Windows
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.004 Low
EPSS
Percentile
73.0%
Detect date:
06/13/2017
Severity:
Warning
Description:
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause a denial of service, obtain sensitive information and possibly to write local files.
Affected products:
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2017-0298
CVE-2017-0295
CVE-2017-8493
CVE-2017-8515
CVE-2017-8544
CVE-2017-8554
CVE-2017-8553
Impacts:
OSI
Related products:
CVE-IDS:
CVE-2017-02952.1Warning
CVE-2017-02984.4Warning
CVE-2017-84932.1Warning
CVE-2017-85154.9Warning
CVE-2017-85442.1Warning
CVE-2017-85531.9Warning
CVE-2017-85541.9Warning
Microsoft official advisories:
KB list:
4022719
4022726
4022714
4022724
4022727
4022715
4022725
4022722
4022717
4024402
4022718
4022887
References
support.microsoft.com/kb/4022714
support.microsoft.com/kb/4022715
support.microsoft.com/kb/4022717
support.microsoft.com/kb/4022718
support.microsoft.com/kb/4022719
support.microsoft.com/kb/4022722
support.microsoft.com/kb/4022724
support.microsoft.com/kb/4022725
support.microsoft.com/kb/4022726
support.microsoft.com/kb/4022727
support.microsoft.com/kb/4022887
support.microsoft.com/kb/4024402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0298
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8493
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8515
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8554
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0295
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0298
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8515
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8544
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8553
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8554
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Windows-RT/
Related
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.004 Low
EPSS
Percentile
73.0%