Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11902
HistoryMar 14, 2017 - 12:00 a.m.

KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)

2017-03-1400:00:00
Kaspersky Lab
threats.kaspersky.com
54

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Detect date:

03/14/2017

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service.

Exploitation:

This vulnerability can be exploited by the following malware:

Affected products:

Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows 10 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Skype for Business 2016 (64-bit)
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Vista Service Pack 2
Microsoft XML Core Services 3.0
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Internet Explorer 11
Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft Lync Basic 2013 Service Pack 1 (64-bit)
Windows Server 2016
Microsoft Lync 2010 Attendee (admin level install)
Skype for Business 2016 Basic (32-bit)
Microsoft Live Meeting 2007 Add-in
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows RT 8.1
Skype for Business 2016 (32-bit)
Microsoft Lync 2010 Attendee (user level install)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Microsoft Lync 2010 (64-bit)
Microsoft Office Word Viewer
Microsoft Live Meeting 2007 Console
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit)
Microsoft Edge (EdgeHTML-based)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based)
Microsoft Office 2007 Service Pack 3
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Skype for Business 2016 Basic (64-bit)
Microsoft Lync Basic 2013 Service Pack 1 (32-bit)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 10
Microsoft Lync 2010 (32-bit)
Microsoft Silverlight 5 when installed on Microsoft Windows (32-bit)
Windows Server 2012 R2
Microsoft Lync 2013 Service Pack 1 (32-bit)

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2017-0108
CVE-2017-0109
CVE-2017-0072
CVE-2017-0100
CVE-2017-0101
CVE-2017-0102
CVE-2017-0143
CVE-2017-0104
CVE-2017-0022
CVE-2017-0001
CVE-2017-0145
CVE-2017-0120
CVE-2017-0147
CVE-2017-0005
CVE-2017-0127
CVE-2017-0124
CVE-2017-0125
CVE-2017-0009
CVE-2017-0008
CVE-2017-0047
CVE-2017-0060
CVE-2017-0148
CVE-2017-0061
CVE-2017-0043
CVE-2017-0042
CVE-2017-0045
CVE-2017-0119
CVE-2017-0062
CVE-2017-0149
CVE-2017-0099
CVE-2017-0144
CVE-2017-0040
CVE-2017-0090
CVE-2017-0091
CVE-2017-0096
CVE-2017-0097
CVE-2017-0038
CVE-2017-0039
CVE-2017-0103
CVE-2017-0063
CVE-2017-0118
CVE-2017-0117
CVE-2017-0116
CVE-2017-0115
CVE-2017-0114
CVE-2017-0113
CVE-2017-0112
CVE-2017-0111
CVE-2017-0092
CVE-2017-0076
CVE-2017-0014
CVE-2017-0059
CVE-2017-0056
CVE-2017-0055
CVE-2017-0050
CVE-2017-0123
CVE-2017-0122
CVE-2017-0073
CVE-2017-0075
CVE-2017-0025
CVE-2017-0146
CVE-2017-0128
CVE-2017-0089
CVE-2017-0088
CVE-2017-0121
CVE-2017-0130
CVE-2017-0126
CVE-2017-0083
CVE-2017-0085
CVE-2017-0084
CVE-2017-0087
CVE-2017-0086

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2017-00423.1Warning
CVE-2017-00962.6Warning
CVE-2017-00975.4High
CVE-2017-00995.4High
CVE-2017-01097.6Critical
CVE-2017-00757.6Critical
CVE-2017-00765.4High
CVE-2017-00556.1High
CVE-2017-01027.8Critical
CVE-2017-01037.0High
CVE-2017-01017.8Critical
CVE-2017-00507.8Critical
CVE-2017-00567.8Critical
CVE-2017-00435.3High
CVE-2017-00455.5High
CVE-2017-00224.3Warning
CVE-2017-01438.1Critical
CVE-2017-01448.1Critical
CVE-2017-01458.1Critical
CVE-2017-01468.1Critical
CVE-2017-01475.9High
CVE-2017-01488.1Critical
CVE-2017-00147.5Critical
CVE-2017-00605.5High
CVE-2017-00615.3High
CVE-2017-00624.7Warning
CVE-2017-00636.5High
CVE-2017-00257.8Critical
CVE-2017-00734.3Warning
CVE-2017-01087.8Critical
CVE-2017-00385.5High
CVE-2017-00017.8Critical
CVE-2017-00057.0High
CVE-2017-00477.8Critical
CVE-2017-00728.8Critical
CVE-2017-00838.8Critical
CVE-2017-00848.8Critical
CVE-2017-00854.3Warning
CVE-2017-00868.8Critical
CVE-2017-00878.8Critical
CVE-2017-00888.8Critical
CVE-2017-00898.8Critical
CVE-2017-00908.8Critical
CVE-2017-00914.3Warning
CVE-2017-00924.3Warning
CVE-2017-01114.3Warning
CVE-2017-01124.3Warning
CVE-2017-01134.3Warning
CVE-2017-01144.3Warning
CVE-2017-01154.3Warning
CVE-2017-01164.3Warning
CVE-2017-01174.3Warning
CVE-2017-01184.3Warning
CVE-2017-01194.3Warning
CVE-2017-01204.3Warning
CVE-2017-01214.3Warning
CVE-2017-01224.3Warning
CVE-2017-01234.3Warning
CVE-2017-01244.3Warning
CVE-2017-01254.3Warning
CVE-2017-01264.3Warning
CVE-2017-01274.3Warning
CVE-2017-01284.3Warning
CVE-2017-00094.3Warning
CVE-2017-00594.3Warning
CVE-2017-01307.5Critical
CVE-2017-01497.5Critical
CVE-2017-00084.3Warning
CVE-2017-00407.5Critical
CVE-2017-01007.8Critical
CVE-2017-01048.1Critical
CVE-2017-00397.8Critical

KB list:

4012204
4012215
3211306
4012212
4012598
4012583
3217587
4012021
4012373
4012497
4017018
4012584
3218362
4011981
3217882
3214051

Microsoft official advisories:

References

Related

kaspersky 7
mskb 31
nessus 7
openvas 8
prion 53
cve 53
zdt 7
googleprojectzero 1
rapid7community 8
seebug 1
packetstorm 5
f5 1
attackerkb 9
huawei 1
trendmicroblog 1
mmpc 2
canvas 1
checkpoint_advisories 1
threatpost 2
kaspersky
kaspersky
KLA10978 Multiple vulnerabilities in Windows Uniscribe
2017-03-14 00:00:00
KLA10979 Multiple vulnerabilities in Microsoft Windows
2017-03-14 00:00:00
KLA10977 Multiple vulnerabilities in Microsoft Server Message Block (SMB)
2017-03-14 00:00:00
mskb
mskb
March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1
2017-03-14 07:00:00
March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
2017-03-14 07:00:00
March 2017 Security Only Quality Update for Windows Server 2012
2017-03-14 07:00:00
nessus
nessus
MS17-011: Security Update for Microsoft Uniscribe (4013076)
2017-03-14 00:00:00
MS17-013: Security Update for Microsoft Graphics Component (4013075)
2017-03-17 00:00:00
MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya)
2017-03-15 00:00:00
openvas
openvas
Microsoft Uniscribe Multiple Vulnerabilities (4013076)
2017-03-15 00:00:00
Microsoft Graphics Component Multiple Vulnerabilities (4013075)
2017-03-15 00:00:00
Microsoft Windows SMB Server Multiple Vulnerabilities (4013389)
2017-03-15 00:00:00
prion
prion
Information disclosure
2017-03-17 00:59:00
Information disclosure
2017-03-17 00:59:00
Information disclosure
2017-03-17 00:59:00
cve
cve
CVE-2017-0113
2017-03-17 00:59:00
CVE-2017-0116
2017-03-17 00:59:00
CVE-2017-0118
2017-03-17 00:59:00
zdt
zdt
Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17
2017-03-20 00:00:00
Microsoft Windows - SrvOs2FeaToNt SMB Remote Code Execution (MS17-010) Exploit
2017-05-10 00:00:00
SMB DOUBLEPULSAR Remote Code Execution Exploit
2020-02-04 00:00:00
googleprojectzero
googleprojectzero
Notes on Windows Uniscribe Fuzzing
2017-04-10 00:00:00
rapid7community
rapid7community
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
2017-05-16 17:51:28
Protecting against DoublePulsar infection with InsightVM and Nexpose
2017-06-23 21:23:11
Petya-like ransomworm: Leveraging InsightVM and Nexpose for visibility into MS17-010
2017-06-28 00:06:12
seebug
seebug
ETERNALBLUE - Remote RCE via SMB & NBT (Windows XP to Windows 2012)
2017-04-15 00:00:00
packetstorm
packetstorm
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
2017-05-17 00:00:00
Microsoft Windows MS17-010 SMB Remote Code Execution
2017-04-17 00:00:00
DOUBLEPULSAR Payload Execution / Neutralization
2019-10-01 00:00:00
f5
f5
K57181937 : Multiple Microsoft SMB (Wannacry/Wannacrypt/Petya/Goldeneye) vulnerabilities
2017-05-16 00:00:00
attackerkb
attackerkb
CVE-2017-0148
2017-03-17 00:00:00
CVE-2017-0144 (MS17-010)
2017-03-17 00:00:00
CVE-2017-0143
2017-03-17 00:00:00
huawei
huawei
Security Advisory - 'WannaCry ransomware' Vulnerabilities in Microsoft Windows Systems
2017-05-13 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 26, 2017
2017-06-30 12:00:57
mmpc
mmpc
New ransomware, old techniques: Petya adds worm capabilities
2017-06-28 06:57:43
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene
2017-09-06 14:58:36
canvas
canvas
Immunity Canvas: MS17_010
2017-03-17 00:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI+ Information Disclosure (MS17-013; CVE-2017-0060; CVE-2017-0062)
2017-03-14 00:00:00
threatpost
threatpost
PyRoMine Uses NSA Exploit for Monero Mining and Backdoors
2018-04-26 18:21:13
Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group
2017-03-28 17:12:08

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for KLA11902
kaspersky7mskb31nessus7openvas8prion53cve53zdt7googleprojectzero1rapid7community8seebug1packetstorm5f51attackerkb9huawei1trendmicroblog1mmpc2canvas1checkpoint_advisories1threatpost2