Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4013075
HistoryMar 14, 2017 - 12:00 a.m.

MS17-013: Security Update for Microsoft Graphics Component: March 14, 2017

2017-03-1400:00:00
Microsoft
support.microsoft.com
108

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

<html><body><p>Resolves vulnerabilities in the Microsoft Graphics Component on Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync.</p><h2>Summary</h2><p>This security update resolves <span>vulnerabilities </span> in the Microsoft Graphics Component on <span>Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync</span>. These <span>vulnerabilities</span> could allow <span>remote code execution if a user either visits a specially crafted website or opens a specially crafted document</span>. To learn more about the vulnerability, see <a href=“https://technet.microsoft.com/library/security/MS17-013”>Microsoft Security Bulletin MS17-013</a>.</p><h2>Additional information about this security update</h2><p>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</p><h3>Microsoft Windows</h3><ul><li><span><a href>4017018</a> Security update for Microsoft Graphics Component: April 11, 2017</span></li><li><span><a href>4012584</a> MS17-013: Description of the security update for Microsoft Graphics Component: March 14, 2017</span></li><li><span><a href>4012497</a> MS17-018 and MS17-013: Description of the security update for Windows Kernel-Mode Drivers and for Microsoft Graphics Component: March 14, 2017</span></li><li><span><a href>4012212</a> March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1</span></li><li><span><a href>4012215</a> March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1</span></li><li><span><a href>4012213</a> March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2</span></li><li><span><a href>4012216</a> March 2017 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2</span></li><li><span><a href>4012214</a> March 2017 Security Only Quality Update for Windows Server 2012</span></li><li><span><a href>4012217</a> March 2017 Security Monthly Quality Rollup for Windows Server 2012</span></li><li><a href><span>4012606</span></a><span> March 14, 2017—KB4012606 (OS Build 17312)</span></li><li><a href><span>4013198</span></a><span> March 14, 2017—KB4013198 (OS Build 830)</span></li><li><a href><span>4013429</span></a><span> March 13, 2017—KB4013429 (OS Build 933)</span></li></ul><h3>Microsoft Office</h3><ul><li><span><a href>3127945</a> MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017</span></li><li><span><a href>3141535</a> MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017</span></li><li><span><a href>3127958</a> MS17-013: Description of the security update for Office 2010: March 14, 2017</span></li><li><span><a href>3178688</a> MS17-013: Description of the security update for Office 2010: March 14, 2017</span></li><li><p><span><a href>3178693</a> MS17-013: Description of the security update for Word Viewer: March 14, 2017</span></p></li><li><p><a href>3178653</a> MS17-013: Description of the security update for Word Viewer: March 14, 2017</p></li></ul><h3>Microsoft Communications Platforms and Software</h3><ul><li><span><span></span><span></span><a href target>4010299</a><span></span><span></span> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010: March 14, 2017</span></li><li><span><a href target>4010300</a> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010 Attendee (user level install): March 14, 2017</span></li><li><span><a href target>4010301</a> MS17-013: Description of the security update for Microsoft Graphics Component on Lync 2010 Attendee (admin level install): March 14, 2017</span></li><li><span><a href target>4010303</a> MS17-013: Description of the security update for Microsoft Graphics Component on Live Meeting 2007 Console: March 14, 2017</span></li><li><a href>4010304</a> MS17-013: Description of the security update for Microsoft Graphics Component on Live Meeting Add-in: March 14, 2017</li><li><a href>3172539</a> MS17-013: Description of the security update for Lync 2013 (Skype for Business): March 14, 2017</li><li><a href>3178656</a> MS17-013: Description of the security update for Skype for Business 2016: March 14, 2017</li></ul><h3><span>Microsoft Developer Tools and Software</span></h3><ul><li><span><a href>4013867</a> MS17-013: Description of the security update for Microsoft Graphics Component on Microsoft Silverlight 5: March 14, 2017</span></li></ul><h2>Security update deployment information</h2><h3><strong>Windows Vista (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“26%”><p><strong>Security update file names</strong></p></td><td width=“73%”><p>For all supported 32-bit editions of Windows Vista:<br /><strong>Windows6.0-KB4017018-x86.msu<br />Windows6.0-KB4012584-x86.msu<br />Windows6.0-KB4012497-x86.msu</strong></p></td></tr><tr><td width=“26%”><p> </p></td><td width=“73%”><p>For all supported x64-based editions of Windows Vista:<br /><strong>Windows6.0-KB4017018-x64.msu<br />Windows6.0-KB4012584-x64.msu<br />Windows6.0-KB4012497-x64.msu</strong></p></td></tr><tr><td width=“26%”><p><strong>Installation switches</strong></p></td><td width=“73%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“26%”><p><strong>Restart requirement</strong></p></td><td width=“73%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“26%”><p><strong>Removal information</strong></p></td><td width=“73%”><ol><li>does not support uninstall of updates. To uninstall an update installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under “Windows Update,” click <strong>View installed updates</strong> and select from the list of updates.</li></ol></td></tr><tr><td width=“26%”><p><strong>File information</strong></p></td><td width=“73%”><p>See <a href=“https://support.microsoft.com/kb/4017018”><u>Microsoft Knowledge Base article 4017018</u></a><br />See <a href=“https://support.microsoft.com/kb/4012584”><u>Microsoft Knowledge Base article 4012584</u></a><br />See <a href=“https://support.microsoft.com/kb/4012497”><u>Microsoft Knowledge Base article 4012497</u></a></p></td></tr><tr><td width=“26%”><p><strong>Registry key verification</strong></p></td><td width=“73%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><p> </p><h3><strong>Windows Server 2008 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“26%”><p><strong>Security update file names</strong></p></td><td width=“73%”><p>For all supported 32-bit editions of Windows Server 2008:<br /><strong>Windows6.0-KB4017018-x86.msu<br />Windows6.0-KB4012584-x86.msu<br />Windows6.0-KB4012497-x86.msu</strong></p></td></tr><tr><td width=“26%”><p> </p></td><td width=“73%”><p>For all supported x64-based editions of Windows Server 2008:<br /><strong>Windows6.0-KB4017018-x64.msu<br />Windows6.0-KB4012584-x64.msu<br />Windows6.0-KB4012497-x64.msu</strong></p></td></tr><tr><td width=“26%”><p> </p></td><td width=“73%”><p>For all supported Itanium-based editions of Windows Server 2008<br /><strong>Windows6.0-KB4017018-ia64.msu<br />Windows6.0-KB4012584-ia64.msu<br />Windows6.0-KB4012497-ia64.msu</strong></p></td></tr><tr><td width=“26%”><p><strong>Installation switches</strong></p></td><td width=“73%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“26%”><p><strong>Restart requirement</strong></p></td><td width=“73%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“26%”><p><strong>Removal information</strong></p></td><td width=“73%”><p>WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under “Windows Update,” click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“26%”><p><strong>File information</strong></p></td><td width=“73%”><p>See <a href=“https://support.microsoft.com/kb/4017018”><u>Microsoft Knowledge Base article 4017018</u></a><br />See <a href=“https://support.microsoft.com/kb/4012584”><u>Microsoft Knowledge Base article 4012584</u></a><br />See <a href=“https://support.microsoft.com/kb/4012497”><u>Microsoft Knowledge Base article 4012497</u></a></p></td></tr><tr><td width=“26%”><p><strong>Registry key verification</strong></p></td><td width=“73%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows 7 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“29%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported x64-based editions of Windows 7:<br /><strong>indows6.1-KB4012212-x64.msu</strong><br />Security only</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported x64-based editions of Windows 7:<br /><strong>Windows6.1-KB4012215-x64.msu</strong><br />Monthly rollup</p></td></tr><tr><td width=“29%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a><u> </u></p></td></tr><tr><td width=“29%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“29%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall </strong>setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then under “Windows Update,” click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“29%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/4012212”><u>Microsoft Knowledge Base article 4012212</u></a><br />See <a href=“https://support.microsoft.com/kb/4012215”><u>Microsoft Knowledge Base article 4012215</u></a></p></td></tr><tr><td width=“29%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows Server 2008 R2 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“29%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported x64-based editions of Windows Server 2008 R2:<br /><strong>Windows6.1-KB4012212-x64.msu</strong><br />Security only</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported x64-based editions of Windows Server 2008 R2:<br /><strong>Windows6.1-KB4012215-x64.msu</strong><br />Monthly rollup</p></td></tr><tr><td width=“29%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“29%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“29%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then under “Windows Update,” click <strong>View installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“29%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/4012212”><u>Microsoft Knowledge Base article 4012212</u></a><br />See <a href=“https://support.microsoft.com/kb/4012215”><u>Microsoft Knowledge Base article 4012215</u></a></p></td></tr><tr><td width=“29%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows 8.1 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“29%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported x64-based editions of Windows 8.1:<br /><strong>Windows8.1-KB4012213-x64.msu</strong><br />Security only</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported x64-based editions of Windows 8.1:<br /><strong>Windows8.1-KB4012216-x64.msu</strong><br />Monthly rollup</p></td></tr><tr><td width=“29%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“29%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“29%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under “See also,” click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“29%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/4012213”><u>Microsoft Knowledge Base article 4012213</u></a><br />See <a href=“https://support.microsoft.com/kb/4012216”><u>Microsoft Knowledge Base article 4012216</u></a></p></td></tr><tr><td width=“29%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows RT 8.1 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“29%”><p><strong>Deployment</strong></p></td><td width=“71%”><p>The 4012216 monthly rollup update is available via <a href=“http://go.microsoft.com/fwlink/?LinkId=21130”><u>Windows Update</u></a> only.</p></td></tr><tr><td width=“29%”><p><strong>Restart requirement</strong></p></td><td width=“71%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“29%”><p><strong>Removal information</strong></p></td><td width=“71%”><p>Click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under “See also,” click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“29%”><p><strong>File information</strong></p></td><td width=“71%”><p>See <a href=“https://support.microsoft.com/kb/4012213”><u>Microsoft Knowledge Base article 4012213</u></a></p></td></tr></tbody></table><h3><strong>Windows Server 2012 and Windows Server 2012 R2 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“29%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported editions of Windows Server 2012:<br /><strong>Windows8-RT-KB4012214-x64.msu</strong><br />Security only</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported editions of Windows Server 2012:<br /><strong>Windows8-RT-KB4012217-x64.msu</strong><br />Monthly rollup</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported editions of Windows Server 2012 R2:<br /><strong>Windows8.1-KB4012213-x64.msu</strong><br />Security only</p></td></tr><tr><td width=“29%”><p> </p></td><td width=“70%”><p>For all supported editions of Windows Server 2012 R2:<br /><strong>Windows8.1-KB4012216-x64.msu</strong><br />Monthly rollup</p></td></tr><tr><td width=“29%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“29%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“29%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under “See also,” click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“29%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/4012214”><u>Microsoft Knowledge Base article 4012214</u></a><br />See <a href=“https://support.microsoft.com/kb/4012217”><u>Microsoft Knowledge Base article 4012217</u></a><br />See <a href=“https://support.microsoft.com/kb/4012213”><u>Microsoft Knowledge Base article 4012213</u></a><br />See <a href=“https://support.microsoft.com/kb/4012216”><u>Microsoft Knowledge Base article 4012216</u></a></p></td></tr><tr><td width=“29%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows 10 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“30%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported x64-based editions of Windows 10:<br /><strong>Windows10.0-KB4012606-x64.msu</strong></p></td></tr><tr><td width=“30%”><p> </p></td><td width=“70%”><p>For all supported x64-based editions of Windows 10 Version 1511:<br /><strong>Windows10.0-KB4013198-x64.msu</strong></p></td></tr><tr><td width=“30%”><p> </p></td><td width=“70%”><p>For all supported x64-based editions of Windows 10 Version 1607:<br /><strong>Windows10.0-KB4013429-x64.msu</strong></p></td></tr><tr><td width=“30%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“30%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“30%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under “See also,” click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“30%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/en-sg/help/12387/windows-10-update-history” target=“_self”><u>Windows 10 and Windows Server 2016 update history</u></a>.</p></td></tr><tr><td width=“30%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><h3><strong>Windows Server 2016 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“30%”><p><strong>Security update file name</strong></p></td><td width=“70%”><p>For all supported editions of Windows Server 2016:<br /><strong>Windows10.0-KB4013429-x64.msu</strong></p></td></tr><tr><td width=“30%”><p><strong>Installation switches</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“30%”><p><strong>Restart requirement</strong></p></td><td width=“70%”><p>A system restart is required after you apply this security update.</p></td></tr><tr><td width=“30%”><p><strong>Removal information</strong></p></td><td width=“70%”><p>To uninstall an update installed by WUSA, use the <strong>/Uninstall</strong> setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>, click <strong>Windows Update</strong>, and then under “See also,” click <strong>Installed updates</strong> and select from the list of updates.</p></td></tr><tr><td width=“30%”><p><strong>File information</strong></p></td><td width=“70%”><p>See <a href=“https://support.microsoft.com/en-sg/help/12387/windows-10-update-history” target=“_self”><u>Windows 10 and Windows Server 2016 update history</u></a>.</p></td></tr><tr><td width=“30%”><p><strong>Registry key verification</strong></p></td><td width=“70%”><p><strong>Note</strong> A registry key does not exist to validate the presence of this update.</p></td></tr></tbody></table><p> </p><p> </p><h3><strong>Microsoft Office 2007 (all editions) and Other Software</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“182”><p><strong>Security update file name</strong></p></td><td width=“335”><p><span>For Microsoft Office 2007 Service Pack 3:<br /><strong>ogl2007-kb3127945-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=“182”><p> </p></td><td width=“335”><p><span>For Microsoft Office 2007 Service Pack 3:<br /><strong>usp102007-kb3141535-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=“182”><p> </p></td><td width=“335”><p>For Microsoft Word Viewer:<br /><strong>office2003-kb3178693-fullfile-enu.exe</strong></p></td></tr><tr><td width=“182”><p> </p></td><td width=“335”><p>For Microsoft Word Viewer:<br /><strong>office2003-kb3178653-fullfile-enu.exe</strong></p></td></tr><tr><td width=“182”><p><strong>Installation switches</strong></p></td><td width=“335”><p>See <a href=“https://support.microsoft.com/kb/912203”><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=“182”><p><strong>Restart requirement</strong></p></td><td width=“335”><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br /><br />To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/kb/887012”><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=“182”><p><strong>Removal information</strong></p></td><td width=“335”><p>Use the <strong>Add or Remove Programs</strong> item in <strong>Control Panel</strong>.</p></td></tr><tr><td width=“182”><p><strong>File information</strong></p></td><td width=“335”><p>See <a href=“https://support.microsoft.com/kb/3127945”><u>Microsoft Knowledge Base article 3127945</u></a><br />See <a href=“https://support.microsoft.com/kb/3141535”><u>Microsoft Knowledge Base article 3141535</u></a><br />See <a href=“https://support.microsoft.com/kb/3178693”><u>Microsoft Knowledge Base article 3178693</u></a><br />See <a href=“https://support.microsoft.com/kb/3178653”><u>Microsoft Knowledge Base article 3178653</u></a></p></td></tr><tr><td width=“182”><p><strong>Registry key verification</strong></p></td><td width=“335”><p>Not applicable</p></td></tr></tbody></table><p> </p><h3><strong>Microsoft Office 2010 (all editions)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“184”><p><strong>Security update file name</strong></p></td><td width=“333”><p><span>For Microsoft Office 2010 Service Pack 2 (32-bit editions):<br /><strong>ogl2010-kb3127958-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=“184”><p> </p></td><td width=“333”><p><span>For Microsoft Office 2010 Service Pack 2 (64-bit editions):<br /><strong>ogl2010-kb3127958-fullfile-x64-glb.exe</strong></span></p></td></tr><tr><td width=“184”><p> </p></td><td width=“333”><p><span>For Microsoft Office 2010 Service Pack 2 (32-bit editions):<br /><strong>usp102010-kb3178688-fullfile-x86-glb.exe</strong></span></p></td></tr><tr><td width=“184”><p> </p></td><td width=“333”><p><span>For Microsoft Office 2010 Service Pack 2 (64-bit editions):<br /><strong>usp102010-kb3178688-fullfile-x64-glb.exe</strong></span></p></td></tr><tr><td width=“184”><p><strong>Installation switches</strong></p></td><td width=“333”><p>See <a href=“https://support.microsoft.com/kb/912203”><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=“184”><p><strong>Restart requirement </strong></p></td><td width=“333”><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br /><br />To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/kb/887012”><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=“184”><p><strong>Removal information</strong></p></td><td width=“333”><p>Use the <strong>Add or Remove Programs</strong> item in <strong>Control Panel</strong>.</p></td></tr><tr><td width=“184”><p><strong>File information</strong></p></td><td width=“333”><p>See <a href=“https://support.microsoft.com/kb/3127958”><u>Microsoft Knowledge Base article 3127958</u></a><br />See <a href=“https://support.microsoft.com/kb/3178688”><u>Microsoft Knowledge Base article 3178688</u></a></p></td></tr><tr><td width=“184”><p><strong>Registry key verification</strong></p></td><td width=“333”><p>Not applicable</p></td></tr></tbody></table><p> </p><h3><strong>Microsoft Live Meeting 2007, Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), and Microsoft Lync Basic 2013 (Skype for Business Basic) </strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“25%”><p><strong>Security update file name</strong></p></td><td width=“74%”><p>For Microsoft Live Meeting 2007 Console (4010303):<br /><strong>LMSetup.exe</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Live Meeting 2007 Add-in (4010304)<br /><strong>ConfAddins_Setup.exe</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 (32-bit) (4010299):<br /><strong>lync.msp</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 (64-bit) (4010299):<br /><strong>lync.msp</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (user level install) (4010300):<br /><strong>AttendeeUser.msp</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (admin level install) (4010301):<br /><strong>AttendeeAdmin.msp</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For all supported editions of Microsoft Lync 2013 (Skype for Business) (32-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (32-bit):<br /><strong>lync2013-kb3172539-fullfile-x86-glb.exe</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For all supported editions of Microsoft Lync 2013 (Skype for Business) (64-bit) and Microsoft Lync Basic 2013 (Skype for Business Basic) (64-bit):<br /><strong>lync2013-kb3172539-fullfile-x64-glb.exe</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For all supported 32-bit editions of Skype for Business 2016 and Skype for Business Basic 2016:<br /><strong>lync2016-kb3178656-fullfile-x86-glb.exe</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For all supported 64-bit editions of Skype for Business Basic 2016:<br /><strong>lync2016-kb3178656-fullfile-x64-glb.exe</strong></p></td></tr><tr><td width=“25%”><p><strong>Installation switches</strong></p></td><td width=“74%”><p>See <a href=“http://support.microsoft.com/kb/912203”><u>Microsoft Knowledge Base article 912203</u></a></p></td></tr><tr><td width=“25%”><p><strong>Restart requirement</strong></p></td><td width=“74%”><p>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.<br /><br />To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see <a href=“http://support.microsoft.com/kb/887012”><u>Microsoft Knowledge Base article 887012</u></a>.</p></td></tr><tr><td width=“25%”><p><strong>Removal information</strong></p></td><td width=“74%”><p>Use the <strong>Add or Remove Programs</strong> item in Control Panel.</p></td></tr><tr><td width=“25%”><p><strong>File information</strong></p></td><td width=“74%”><p>For Microsoft Live Meeting 2007 Console:<br />See <a href=“http://support.microsoft.com/kb/4010303”><u>Microsoft Knowledge Base article 4010303</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Live Meeting 2007 Add-In:<br />See <a href=“http://support.microsoft.com/kb/4010304”><u>Microsoft Knowledge Base article 4010304</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For all supported editions of Microsoft Lync 2010:<br />See <a href=“http://support.microsoft.com/kb/4010299”><u>Microsoft Knowledge Base article 4010299</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (user level install):<br />See <a href=“http://support.microsoft.com/kb/4010300”><u>Microsoft Knowledge Base article 4010300</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (admin level install):<br />See <a href=“http://support.microsoft.com/kb/4010301”><u>Microsoft Knowledge Base article 4010301</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic):<br />See <a href=“http://support.microsoft.com/kb/3172539”><u>Microsoft Knowledge Base article 3172539</u></a></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Skype for Business 2016 and Skype for Business Basic 2016:<br />See <a href=“http://support.microsoft.com/kb/3178656”><u>Microsoft Knowledge Base article 3178656</u></a></p></td></tr><tr><td width=“25%”><p><strong>Registry key verification</strong></p></td><td width=“74%”><p>For Microsoft Live Meeting 2007 Console:<br />Not applicable</p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 (32-bit):<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br />Version = <strong>7577.4525</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 (64-bit):<br />HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br />Version = <strong>7577. 4525</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (user level install):<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}<br />Version = <strong>7577. 4525</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2010 Attendee (admin level install):<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\94E53390F8C13794999249B19E6CFE33\InstallProperties\DisplayVersion = <strong>4.0.7577. 4525</strong></p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):<br />Not applicable</p></td></tr><tr><td width=“25%”><p> </p></td><td width=“74%”><p>For Skype for Business 2016 and Skype for Business Basic 2016:<br />Not applicable</p></td></tr></tbody></table><p> </p><h3><strong>Silverlight 5 for Windows (all supported releases)</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“17%”><p><strong>Security update file names</strong></p></td><td width=“82%”><p>For Microsoft Silverlight 5 when installed on all supported 32-bit releases of Microsoft Windows:<br /><strong>silverlight.exe</strong></p></td></tr><tr><td width=“17%”><p> </p></td><td width=“82%”><p>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 32-bit releases of Microsoft Windows:<br /><strong>silverlight_developer.exe</strong></p></td></tr><tr><td width=“17%”><p> </p></td><td width=“82%”><p>For Microsoft Silverlight 5 when installed on all supported 64-bit releases of Microsoft Windows:<br /><strong>silverlight_x64.exe</strong></p></td></tr><tr><td width=“17%”><p> </p></td><td width=“82%”><p>For Microsoft Silverlight 5 Developer Runtime when installed on all supported 64-bit releases of Microsoft Windows:<br /><strong>silverlight_developer_x64.exe</strong></p></td></tr><tr><td width=“17%”><p><strong>Installation switches</strong></p></td><td width=“82%”><p>See the <a href=“http://download.microsoft.com/download/C/D/5/CD5AAAE3-21F7-47A8-B7D5-39E36BAF9AC8/Silverlight_Deployment_Guide.docx”><u>Silverlight Enterprise Deployment Guide</u></a></p></td></tr><tr><td width=“17%”><p><strong>Restart requirement</strong></p></td><td width=“82%”><p>This update does not require a restart.</p></td></tr><tr><td width=“17%”><p><strong>Removal information</strong></p></td><td width=“82%”><p>Use <strong>Add or Remove Programs</strong> item in Control Panel. (Note that the update cannot be removed without removing Silverlight.)</p></td></tr><tr><td width=“17%”><p><strong>File information</strong></p></td><td width=“82%”><p>See <a href=“http://support.microsoft.com/kb/3193713”><u>Microsoft Knowledge Base article 3193713</u></a></p></td></tr><tr><td width=“17%”><p><strong>Registry key verification</strong></p></td><td width=“82%”><p>For 32-bit installations of Microsoft Silverlight 5:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Silverlight “Version” = “<span>5.1.</span> 50905<span>.0</span>”</p></td></tr><tr><td width=“17%”><p> </p></td><td width=“82%”><p>For 64-bit installations of Microsoft Silverlight 5:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Silverlight “Version” = “<span>5.1.50901.0</span>”<br />and<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Silverlight “Version” = “<span>5.1.</span> 50905<span>.0</span>”</p></td></tr></tbody></table><h2>How to obtain help and support for this security update</h2><p>Help for installing updates: <a href=“https://support.microsoft.com/ph/6527”>Support for Microsoft Update</a></p><p>Security solutions for IT professionals: <a href=“https://technet.microsoft.com/security/bb980617.aspx”>TechNet Security Troubleshooting and Support</a></p><p>Help for protecting your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master”>Virus Solution and Security Center</a></p><p>Local support according to your country: <a href=“http://support.microsoft.com/”>International Support</a></p></body></html>

Related

nessus 1
openvas 3
prion 12
attackerkb 3
cve 12
kaspersky 5
mskb 27
checkpoint_advisories 7
threatpost 6
zdt 5
mscve 12
symantec 11
myhack58 3
seebug 3
zdi 1
thn 2
cisa_kev 2
mmpc 1
schneier 1
fireeye 2
googleprojectzero 1
nessus
nessus
MS17-013: Security Update for Microsoft Graphics Component (4013075)
2017-03-17 00:00:00
openvas
openvas
Microsoft Graphics Component Multiple Vulnerabilities (4013075)
2017-03-15 00:00:00
Microsoft Office Multiple RCE and Information Disclosure Vulnerabilities (4013075)
2017-03-30 00:00:00
Microsoft Graphics Component 'gdi32.dll' Information Disclosure Vulnerability (MS17-013)
2017-02-21 00:00:00
prion
prion
Privilege escalation
2017-03-17 00:59:00
Privilege escalation
2017-03-17 00:59:00
Privilege escalation
2017-03-17 00:59:00
attackerkb
attackerkb
CVE-2017-0005
2017-03-17 00:00:00
CVE-2017-0001
2017-03-17 00:00:00
CVE-2017-0047
2017-03-17 00:00:00
cve
cve
CVE-2017-0047
2017-03-17 00:59:00
CVE-2017-0001
2017-03-17 00:59:00
CVE-2017-0025
2017-03-17 00:59:00
kaspersky
kaspersky
KLA10980 Multiple vulnerabilities in Microsoft Office
2017-03-14 00:00:00
KLA10981 Multiple vulnerabilities in Microsoft Office
2017-03-14 00:00:00
KLA11833 Multiple vulnerabilities in Microsoft Developer Tools
2017-03-14 00:00:00
mskb
mskb
MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017
2017-03-14 07:00:00
Security update 2017-03-14
2017-03-14 07:00:00
MS17-013: Description of the security update for Skype for Business 2015 (Lync 2013): March 14, 2017
2017-03-14 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI+ Information Disclosure (MS17-013; CVE-2017-0060; CVE-2017-0062)
2017-03-14 00:00:00
Microsoft Windows Graphics Component Remote Code Execution (MS17-013: CVE-2017-0014)
2017-03-14 00:00:00
Microsoft Windows GDI Elevation of Privilege (MS17-013: CVE-2017-0025)
2017-03-14 00:00:00
threatpost
threatpost
Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group
2017-03-28 17:12:08
Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
2021-02-22 21:07:03
Publicly Disclosed Windows Vulnerabilities Await Patches
2017-02-23 08:00:41
zdt
zdt
Microsoft GDI+ - gdiplus!GetRECTSForPlayback Out-of-Bounds Read (MS17-013)
2017-03-20 00:00:00
Microsoft Windows - USP10!otlList::insertAt Uniscribe Font Processing Heap-Based Buffer Overflow (MS
2017-03-20 00:00:00
Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in USP10!ScriptApplyLogicalWidth Trigger
2017-03-20 00:00:00
mscve
mscve
Windows GDI Information Disclosure Vulnerability
2017-03-14 07:00:00
Windows GDI Elevation of Privilege Vulnerability
2017-03-14 07:00:00
CVE-2017-0063
2017-03-14 07:00:00
symantec
symantec
Microsoft Windows Graphics CVE-2017-0025 Local Privilege Escalation Vulnerability
2017-03-14 00:00:00
Microsoft Windows Graphics Component CVE-2017-0108 Remote Code Execution Vulnerability
2017-03-14 00:00:00
Microsoft Windows Graphics CVE-2017-0047 Local Privilege Escalation Vulnerability
2017-03-14 00:00:00
myhack58
myhack58
Microsoft Bulletin: detection and protection CVE-2017-0005 mention the right vulnerability-vulnerability warning-the black bar safety net
2017-03-29 00:00:00
How to detect and guard based on the CVE-2017-0005 vulnerability of elevation of privileges attack-vulnerability warning-the black bar safety net
2017-08-22 00:00:00
For the APT organization to use the EPS vulnerabilities in and mention the right vulnerability analysis-vulnerability warning-the black bar safety net
2017-05-17 00:00:00
seebug
seebug
Microsoft Color Management Module (icm32.dll) out-of-bounds read (CVE-2017-0061)
2017-03-30 00:00:00
Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure (CVE-2017-0038)
2017-02-26 00:00:00
Windows Uniscribe heap-based out-of-bounds read in USP10!ScriptApplyLogicalWidth(CVE-2017-0062)
2017-03-31 00:00:00
zdi
zdi
Microsoft Windows DrawIconEx Buffer Overflow Privilege Escalation Vulnerability
2017-03-21 00:00:00
thn
thn
Chinese Hackers Had Access to a U.S. Hacking Tool Years Before It Was Leaked Online
2021-02-22 11:15:00
Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities
2017-05-09 23:37:00
cisa_kev
cisa_kev
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability
2022-05-24 00:00:00
Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability
2022-03-03 00:00:00
mmpc
mmpc
Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005
2017-03-27 15:00:01
schneier
schneier
Chinese Hackers Stole an NSA Windows Exploit in 2014
2021-03-04 12:25:17
fireeye
fireeye
EPS Processing Zero-Days Exploited by Multiple Threat Actors
2017-05-09 13:00:00
EPS Processing Zero-Days Exploited by Multiple Threat Actors
2017-05-09 13:00:00
googleprojectzero
googleprojectzero
Notes on Windows Uniscribe Fuzzing
2017-04-10 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for KB4013075
nessus1openvas3prion12attackerkb3cve12kaspersky5mskb27checkpoint_advisories7threatpost6zdt5mscve12symantec11myhack583seebug3zdi1thn2cisa_kev2mmpc1schneier1fireeye2googleprojectzero1