Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11113
HistoryOct 10, 2017 - 12:00 a.m.

KLA11113 Multiple vulnerabilities in Microsoft Office

2017-10-1000:00:00
Kaspersky Lab
threats.kaspersky.com
187

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Detect date:

10/10/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information perform cross-site scripting and privilege escalations Below is a complete list of vulnerabilities:

Affected products:

Word Automation Services
Microsoft Lync 2013 Service Pack 1 (32-bit)
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Online Server 2016
Microsoft Office Web Apps Server 2010 Service Pack 2
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Office Word Viewer
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Skype for Business 2016 (32-bit)
Skype for Business 2016 (64-bit)

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

ADV170017
CVE-2017-11776
CVE-2017-11777
CVE-2017-11774
CVE-2017-11775
CVE-2017-11786
CVE-2017-11820
CVE-2017-11826
CVE-2017-11825
CVE-2017-11775
CVE-2017-11776
CVE-2017-11777
CVE-2017-11786
CVE-2017-11820
CVE-2017-11825
CVE-2017-11826

Impacts:

ACE

Related products:

Microsoft Access

CVE-IDS:

CVE-2017-117746.8High
CVE-2017-117753.5Warning
CVE-2017-117765.0Warning
CVE-2017-117773.5Warning
CVE-2017-117869.3Critical
CVE-2017-118203.5Warning
CVE-2017-118259.3Critical
CVE-2017-118269.3Critical

Microsoft official advisories:

KB list:

3213623
3213630
3213647
3213648
3213659
4011068
4011159
4011162
4011170
4011178
4011179
4011180
4011194
4011196
4011217
4011222
4011231
4011232
4011236
3213627
4022208
4022206
4022172
4022176
4022188
4022189

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

References

Related

nessus 8
mskb 20
prion 8
cve 8
openvas 17
thn 2
myhack58 3
symantec 8
krebs 1
checkpoint_advisories 2
mscve 8
malwarebytes 1
fireeye 2
seebug 1
attackerkb 2
cisa_kev 2
threatpost 2
huawei 1
trendmicroblog 3
securelist 1
mssecure 2
mmpc 1
talosblog 2
qualysblog 5
nessus
nessus
Security Updates for Microsoft Sharepoint Server (October 2017)
2017-10-11 00:00:00
Security Updates for Microsoft Office Products (October 2017)
2017-10-11 00:00:00
Security Updates for Outlook (October 2017)
2017-10-10 00:00:00
mskb
mskb
Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017
2017-10-10 07:00:00
Description of the security update for Outlook 2013: October 10, 2017
2017-10-10 07:00:00
Description of the security update for Outlook 2016: October 10, 2017
2017-10-10 07:00:00
prion
prion
Cross site scripting
2017-10-13 13:29:00
Cross site scripting
2017-10-13 13:29:00
Cross site scripting
2017-10-13 13:29:00
cve
cve
CVE-2017-11777
2017-10-13 13:29:00
CVE-2017-11820
2017-10-13 13:29:00
CVE-2017-11775
2017-10-13 13:29:00
openvas
openvas
Microsoft Outlook 2016 Multiple Vulnerabilities (KB4011162)
2017-10-11 00:00:00
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Multiple XSS Vulnerabilities (KB4011170)
2017-10-13 00:00:00
Microsoft Outlook 2010 Service Pack 2 Security Feature Bypass Vulnerability (KB4011196)
2017-10-11 00:00:00
thn
thn
Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack
2017-10-10 22:06:00
Buggy Microsoft Outlook Sending Encrypted S/MIME Emails With Plaintext Copy For Months
2017-10-11 21:58:00
myhack58
myhack58
Microsoft windows October release of the 62 flaws vulnerability bug patch, and repair of the National researchers submitted the 0-day flaw vulnerability bug-vulnerability warning-the black bar safety net
2017-10-12 00:00:00
The latest Office 0day vulnerabilities flaws bug(CVE-2017-11826)in the wild attack warning-vulnerability warning-the black bar safety net
2017-10-11 00:00:00
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00
symantec
symantec
Microsoft Office CVE-2017-11825 Remote Code Execution Vulnerability
2017-10-10 00:00:00
Microsoft Office SharePoint CVE-2017-11820 Cross Site Scripting Vulnerability
2017-10-10 00:00:00
Microsoft Office Outlook CVE-2017-11774 Security Bypass Vulnerability
2017-10-10 00:00:00
krebs
krebs
Microsoft’s October Patch Batch Fixes 62 Flaws
2017-10-11 14:18:40
checkpoint_advisories
checkpoint_advisories
Microsoft Outlook Security Feature Bypass (CVE-2017-11774)
2019-07-04 00:00:00
Microsoft Office Memory Corruption (CVE-2017-11826)
2017-10-13 00:00:00
mscve
mscve
Skype for Business Elevation of Privilege Vulnerability
2017-10-10 07:00:00
Microsoft Outlook Security Feature Bypass Vulnerability
2017-10-10 07:00:00
Microsoft Office Remote Code Execution Vulnerability
2017-10-10 07:00:00
malwarebytes
malwarebytes
A week in security (July 1 – 7)
2019-07-08 15:08:33
fireeye
fireeye
Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)
2019-12-04 00:00:00
OVERRULED: Containing a Potentially Destructive Adversary
2018-12-21 14:00:00
seebug
seebug
Outlook Home Page – Another Ruler Vector
2017-10-12 00:00:00
attackerkb
attackerkb
CVE-2017-11774
2017-10-13 00:00:00
CVE-2017-11826
2017-10-13 00:00:00
cisa_kev
cisa_kev
Microsoft Office Outlook Security Feature Bypass Vulnerability
2021-11-03 00:00:00
Microsoft Office Remote Code Execution Vulnerability
2022-03-03 00:00:00
threatpost
threatpost
Microsoft Patches Office Bug Actively Being Exploited
2017-10-10 16:44:08
Microsoft Exchange, Outlook Under Siege By APTs
2020-10-19 15:09:06
huawei
huawei
Security Advisory - Remote Code Execution Vulnerability in Microsoft Office
2017-12-20 00:00:00
trendmicroblog
trendmicroblog
This Week in Security News
2017-10-13 13:00:29
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 16, 2017
2017-10-20 13:29:23
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017
2017-10-13 14:03:59
securelist
securelist
Analyzing an exploit for Π‘VE-2017-11826
2017-10-26 09:00:38
mssecure
mssecure
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint
2020-06-18 16:00:03
Office 365 Advanced Threat Protection defense for corporate networks against recent Office exploit attacks
2017-11-21 13:46:01
mmpc
mmpc
Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware
2017-10-23 13:05:08
talosblog
talosblog
2018 in Snort Rules
2019-02-06 08:19:00
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00
qualysblog
qualysblog
Unpacking the CVEs in the FireEye Breach – Start Here First
2021-02-01 20:40:25
October Patch Tuesday: 28 Critical Microsoft Vulnerabilities
2017-10-10 18:23:41
Qualys Security Advisory: SolarWinds / FireEye
2020-12-22 21:17:31

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON
Related for KLA11113
nessus8mskb20prion8cve8openvas17thn2myhack583symantec8krebs1checkpoint_advisories2mscve8malwarebytes1fireeye2seebug1attackerkb2cisa_kev2threatpost2huawei1trendmicroblog3securelist1mssecure2mmpc1talosblog2qualysblog5