Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11835
HistoryApr 11, 2017 - 12:00 a.m.

KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)

2017-04-1100:00:00
Kaspersky Lab
threats.kaspersky.com
50

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Detect date:

04/11/2017

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.

Exploitation:

This vulnerability can be exploited by the following malware:

Affected products:

Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows 10 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Windows Vista Service Pack 2
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2016
Windows RT 8.1
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows 10 Version 1703 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit)
Microsoft Office 2016 (32-bit edition)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based)
Microsoft Office 2007 Service Pack 3
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Mono Framework Version 5.0.0.48
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Windows 10 Version 1607 for 32-bit Systems
Microsoft Office 2016 (64-bit edition)
Windows 10 Version 1607 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Mono Framework Version 4.8.1.0
Internet Explorer 10
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 10 Version 1703 for 32-bit Systems
Microsoft Silverlight 5 when installed on Microsoft Windows (32-bit)
Windows Server 2012 R2

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2017-0201
CVE-2017-0183
CVE-2017-0058
CVE-2017-0155
CVE-2013-6629
CVE-2017-0163
CVE-2017-0180
CVE-2017-0182
CVE-2017-0158
CVE-2017-0184
CVE-2017-0192
CVE-2017-0168
CVE-2017-0166
CVE-2017-0167
CVE-2017-0191
CVE-2017-0156
CVE-2017-0199

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2017-01997.8Critical
CVE-2017-02017.5Critical
CVE-2017-00584.7Warning
CVE-2017-01557.0High
CVE-2017-01567.0High
CVE-2017-01668.1Critical
CVE-2017-01675.5High
CVE-2017-01915.8High
CVE-2017-01924.3Warning
CVE-2017-01587.5Critical
CVE-2017-01637.6Critical
CVE-2017-01685.8High
CVE-2017-01807.6Critical
CVE-2017-01825.8High
CVE-2017-01835.8High
CVE-2017-01845.4High
CVE-2013-66295.0Warning

Microsoft official advisories:

KB list:

4015549
4014661
4022719
4015546
4014793
4022722
4022887
4015068
4015195
4015380
4020535
3217841
3211308
4014652
4014794
4015383

References

Related

mskb 24
openvas 27
nessus 23
kaspersky 3
threatpost 8
qualysblog 1
cve 19
prion 18
veracode 1
oraclelinux 1
ubuntucve 1
mscve 15
centos 1
symantec 14
redhat 1
f5 2
slackware 1
debiancve 1
zdt 4
seebug 2
checkpoint_advisories 5
zdi 1
fireeye 5
malwarebytes 4
thn 3
metasploit 1
myhack58 3
cisa_kev 1
saint 2
packetstorm 2
securelist 3
exploitpack 1
talosblog 1
mskb
mskb
April 11, 2017—KB4015546 (Security-only update)
2017-04-11 07:00:00
April 11, 2017—KB4015549 (Monthly Rollup)
2017-04-11 07:00:00
April 11, 2017—KB4015548 (Security-only update)
2017-04-11 07:00:00
openvas
openvas
Microsoft Windows Monthly Rollup (KB4015549)
2017-04-12 00:00:00
Microsoft Windows Monthly Rollup (KB4015551)
2017-04-12 00:00:00
Microsoft Windows Hyper-V Multiple Vulnerabilities (KB3211308)
2017-04-12 00:00:00
nessus
nessus
Windows 7 and Windows 2008 R2 April 2017 Security Updates (Petya)
2017-04-12 00:00:00
Windows Server 2012 April 2017 Security Updates (Petya)
2017-04-11 00:00:00
KB4015221: Windows 10 Version 1507 April 2017 Cumulative Update
2017-04-11 00:00:00
kaspersky
kaspersky
KLA11059 Multiple vulnerabilities in Microsoft Windows
2017-04-11 00:00:00
KLA11060 Multiple vulnerabilities in Microsoft Windows Hyper-V
2017-04-11 00:00:00
KLA11061 Information disclosure vulnerability in Microsoft Windows
2017-04-11 00:00:00
threatpost
threatpost
Microsoft Patches Three Vulnerabilities Under Attack
2017-04-11 18:19:52
Spy Campaign Spams Pro-Tibet Group With ExileRAT
2019-02-04 20:45:00
AZORult Campaign Adopts Novel Triple-Encryption Technique
2020-02-03 20:58:25
qualysblog
qualysblog
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide – says goodbye to Security Bulletins
2017-04-11 18:24:03
cve
cve
CVE-2017-0182
2017-04-12 14:59:00
CVE-2017-0184
2017-04-12 14:59:00
CVE-2017-0186
2017-04-12 14:59:00
prion
prion
Denial of service
2017-04-12 14:59:00
Denial of service
2017-04-12 14:59:00
Denial of service
2017-04-12 14:59:00
veracode
veracode
Information Disclosure
2019-01-15 08:53:01
oraclelinux
oraclelinux
libjpeg security update
2013-12-09 00:00:00
ubuntucve
ubuntucve
CVE-2013-6629
2013-11-18 00:00:00
mscve
mscve
libjpeg Information Disclosure Vulnerability
2017-04-11 07:00:00
Windows Kernel Information Disclosure Vulnerability
2017-04-11 07:00:00
Hyper-V Remote Code Execution Vulnerability
2017-04-11 07:00:00
centos
centos
libjpeg security update
2013-12-10 00:47:48
symantec
symantec
Microsoft Windows Hyper-V CVE-2017-0180 Remote Code Execution Vulnerability
2017-04-11 00:00:00
libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2013-11-12 00:00:00
Microsoft Windows Hyper-V CVE-2017-0184 Remote Denial of Service Vulnerability
2017-04-11 00:00:00
redhat
redhat
(RHSA-2013:1804) Moderate: libjpeg security update
2013-12-09 00:00:00
f5
f5
SOL59503294 - libjpeg vulnerability CVE-2013-6629
2016-02-19 00:00:00
K59503294 : libjpeg vulnerability CVE-2013-6629
2016-02-19 00:00:00
slackware
slackware
[slackware-security] libjpeg
2013-12-17 03:49:12
debiancve
debiancve
CVE-2013-6629
2013-11-19 04:50:00
zdt
zdt
Microsoft Windows Kernel - win32kfull!SfnINLPUAHDRAWMENUITEM Stack Memory Disclosure Exploit
2017-04-13 00:00:00
Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call Exploi
2017-04-13 00:00:00
Microsoft Word - .RTF Remote Code Execution Exploit
2017-04-19 00:00:00
seebug
seebug
Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)
2017-04-14 00:00:00
Windows Kernel win32k.sys multiple bugs in the NtGdiGetDIBitsInternal system call (CVE-2017-0058)
2017-04-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Kernel Information Disclosure (CVE-2017-0167)
2017-04-11 00:00:00
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0158)
2017-04-11 00:00:00
Microsoft ATMFD.dll Information Disclosure (CVE-2017-0192)
2017-04-11 00:00:00
zdi
zdi
Microsoft Windows ADO Array-Type Parameter Use-After-Free Information Disclosure Vulnerability
2017-04-11 00:00:00
fireeye
fireeye
CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler
2017-04-11 13:30:00
Petya Destructive Malware Variant Spreading via Stolen Credentials and EternalBlue Exploit
2017-06-27 17:30:00
CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler
2017-04-11 13:30:00
malwarebytes
malwarebytes
Blocks for Flash and others coming to Office 365
2018-06-01 15:00:00
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
2020-03-16 15:00:00
Magecart Group 4: A link with Cobalt Group?
2019-10-03 15:00:00
thn
thn
Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo
2021-10-11 09:21:00
Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry
2017-06-27 03:32:00
Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit
2017-04-12 21:41:00
metasploit
metasploit
Microsoft Office Word Malicious Hta Execution
2017-04-15 02:32:48
myhack58
myhack58
CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
2017-04-13 00:00:00
CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
2017-06-08 00:00:00
A newline character causes the Oscar vulnerability 0day(CVE-2017-8759)reproduction-latest Office the highest level of threat attack warning-vulnerability warning-the black bar safety net
2017-09-13 00:00:00
cisa_kev
cisa_kev
Microsoft Office and WordPad Remote Code Execution Vulnerability
2021-11-03 00:00:00
saint
saint
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
packetstorm
packetstorm
Microsoft Office Word Malicious Hta Execution
2017-04-24 00:00:00
Microsoft RTF Remote Code Execution
2017-04-19 00:00:00
securelist
securelist
RevengeHotels: cybercrime targeting hotel front desks worldwide
2019-11-28 10:00:48
The BlueNoroff cryptocurrency hunt is still on
2022-01-13 09:00:23
APT Trends report Q3 2017
2017-11-14 09:41:27
exploitpack
exploitpack
Microsoft Word - .RTF Remote Code Execution
2017-04-18 00:00:00
talosblog
talosblog
New campaign uses government, union-themed lures to deliver Cobalt Strike beacons
2022-09-28 12:12:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for KLA11835
mskb24openvas27nessus23kaspersky3threatpost8qualysblog1cve19prion18veracode1oraclelinux1ubuntucve1mscve15centos1symantec14redhat1f52slackware1debiancve1zdt4seebug2checkpoint_advisories5zdi1fireeye5malwarebytes4thn3metasploit1myhack583cisa_kev1saint2packetstorm2securelist3exploitpack1talosblog1