KLA11052Multiple vulnerabilities in Windows Uniscribe

2017-06-13T00:00:00
ID KLA11052
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

06/13/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

Affected products:

Microsoft Windows Server 2016
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2017-8534
CVE-2017-8528
CVE-2017-8528
CVE-2017-8534

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2017-85289.3Critical
CVE-2017-85344.3Critical

Microsoft official advisories:

KB list:

3191848
3191828