Kaspersky LabKLA11841KLA11841 Multiple vulnerabilities in Microsoft Windows
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
69.5%
Detect date:
06/19/2017
Severity:
High
Description:
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information.
Affected products:
Windows 10 Version 1511 for 32-bit Systems
Windows Server 2016
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 for 32-bit Systems
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2017-8579
CVE-2017-8575
CVE-2017-8576
Impacts:
OSI
Related products:
CVE-IDS:
CVE-2017-85752.1Warning
CVE-2017-85766.9High
CVE-2017-85796.9High
KB list:
4022714
4022727
4022715
4022725
Microsoft official advisories:
References
support.microsoft.com/kb/4022714
support.microsoft.com/kb/4022715
support.microsoft.com/kb/4022725
support.microsoft.com/kb/4022727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8579
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8575
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8576
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8579
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
Related
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
69.5%