Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4018271
HistoryMay 09, 2017 - 7:00 a.m.

Cumulative security update for Internet Explorer: May 9, 2017

2017-05-0907:00:00
Microsoft
support.microsoft.com
51

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.202 Low

EPSS

Percentile

96.3%

JSON

Cumulative security update for Internet Explorer: May 9, 2017

Summary

This security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures. Additionally, see the following articles for more information about this cumulative update:

  • Windows 7 SP1 and Windows Server 2008 R2 SP1 update history

  • Windows Server 2012 update history

  • Windows 8.1 and Windows Server 2012 R2 update history

  • Windows 10 and Windows Server 2016 update history
    Important

  • The fixes included in this Security Update for Internet Explorer 4018271 are also included in the May 2017 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are resolved in this update.

  • If you use update management processes other than Windows Update, and you automatically approve all security updates classifications for deployment, this Security Update for Internet Explorer 4018271, the May 2017 Security Only Quality Update, and the May 2017 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure the desired updates are deployed.

  • This Security Update for Internet Explorer is not applicable for installation on a computer where the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from May 2017 (or a later month) is already installed. This is because those updates contain all fixes in this Security Update for Internet Explorer.
    If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:Security update deployment information: May 9, 2017

How to get and install the update

Method 1: Microsoft Update

This update is available through Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically.For more information about how to get security updates automatically, see Windows Update: FAQ.

Note For Windows RT and Windows RT 8.1, this update is available through Microsoft Update only.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

More Information

__

How to get help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File informationFor a list of the files that are provided in this cumulative update, download the file information for cumulative update 4018271.

__

File hash information

File name SHA1 hash SHA256 hash
Windows8.1-KB4018271-x86.msu 9471B6EC61AFFFF81FF75591A8CDFF42F088DED2 96833D33DE2A617416C3C81DAE8B9A93C73052418E41FBA3182E54850D836F3D
Windows8.1-KB4018271-x64.msu 73D231B6564968233D4E55D9B6B14077A3041AEF C229DF805CE8B6F6A6A9FC2F839498C8665065284349AC5193F3F0C079AE17E3
IE11-Windows6.1-KB4018271-X64.msu 7C8D8BEB9999D65C8DB17001C697E82A9A0BB1D1 E899AE1A2FBD41D2D5A0B3005BA2E6CB39795F47F64857F5F5C283B41DCA6476
IE11-Windows6.1-KB4018271-X86.msu 3EB0C93394FCA87F3DE52AE200A57E1770E741D6 63178E14811DEE09174D996FCC7859E25C6C1B43957A8DCB8621F78CF2B69B89

Related

nessus 11
openvas 8
attackerkb 2
cve 12
prion 12
symantec 5
mscve 5
checkpoint_advisories 2
zdi 2
cisa_kev 1
kaspersky 2
mskb 7
thn 2
cisa 1
veracode 7
qualysblog 2
osv 5
github 4
trendmicroblog 1
nessus
nessus
Security Updates for Internet Explorer (May 2017)
2017-11-30 00:00:00
Windows 8.1 and Windows Server 2012 R2 May 2017 Security Updates
2017-05-09 00:00:00
KB4019474: Windows 10 Version 1507 May 2017 Cumulative Update
2017-05-09 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (KB4018271)
2017-05-10 00:00:00
Microsoft Windows Monthly Rollup (KB4019215)
2017-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4019474)
2017-05-10 00:00:00
attackerkb
attackerkb
CVE-2017-0222
2017-05-12 00:00:00
CVE-2017-0226
2017-05-12 00:00:00
cve
cve
CVE-2017-0222
2017-05-12 14:29:00
CVE-2017-0226
2017-05-12 14:29:00
CVE-2017-0064
2017-05-12 14:29:00
prion
prion
Remote code execution
2017-05-12 14:29:00
Remote code execution
2017-05-12 14:29:00
Security feature bypass
2017-05-12 14:29:00
symantec
symantec
Microsoft Edge and Internet Explorer CVE-2017-0238 Remote Memory Corruption Vulnerability
2017-05-09 00:00:00
Microsoft Internet Explorer CVE-2017-0064 Security Bypass Vulnerability
2017-05-09 00:00:00
Microsoft Internet Explorer CVE-2017-0226 Remote Memory Corruption Vulnerability
2017-05-09 00:00:00
mscve
mscve
Internet Explorer Security Feature Bypass Vulnerability
2017-05-09 07:00:00
Internet Explorer Memory Corruption Vulnerability
2017-05-09 07:00:00
Microsoft Edge Memory Corruption Vulnerability
2017-05-09 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Security Feature Bypass (CVE-2017-0064)
2017-05-09 00:00:00
Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-0238)
2017-05-09 00:00:00
zdi
zdi
(Pwn2Own) Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability
2017-05-10 00:00:00
Microsoft Internet Explorer Enhanced Protected Mode Sandbox Escape Vulnerability
2017-05-10 00:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Remote Code Execution Vulnerability
2022-02-25 00:00:00
kaspersky
kaspersky
KLA11002 Multiple vulnerabilities in Microsoft Browser
2017-05-09 00:00:00
KLA11077 Multiple vulnerabilities in Microsoft Products (ESU)
2017-05-09 00:00:00
mskb
mskb
May 9, 2017—KB4019215 (Monthly Rollup)
2017-05-09 07:00:00
May 9, 2017—KB4019473 (OS Build 10586.916)
2017-05-09 07:00:00
May 9, 2017—KB4019216 (Monthly Rollup)
2017-05-09 07:00:00
thn
thn
CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog
2022-03-01 04:37:00
Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities
2017-05-09 23:37:00
cisa
cisa
CISA Adds Four Known Exploited Vulnerabilities to Catalog
2022-02-25 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-12-04 14:28:51
Remote Code Execution (RCE)
2018-12-04 14:38:22
Remote Code Execution (RCE)
2018-12-04 14:26:09
qualysblog
qualysblog
Microsoft Fixes Malware Protection Engine and Several 0-Day Vulnerabilities, and Deprecates SHA-1
2017-05-09 18:06:52
Microsoft Fixes 94 Security Issues in Massive June Update
2017-06-13 18:28:02
osv
osv
ChakraCore RCE Vulnerability
2022-05-17 02:35:00
CVE-2017-0238
2017-05-12 14:29:03
ChakraCore RCE Vulnerability
2022-05-17 02:44:21
github
github
ChakraCore RCE Vulnerability
2022-05-17 02:35:00
ChakraCore RCE Vulnerability
2022-05-17 02:44:22
ChakraCore RCE Vulnerability
2022-05-17 02:44:21
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 8, 2017
2017-05-12 16:47:57

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.202 Low

EPSS

Percentile

96.3%

JSON
Related for KB4018271
nessus11openvas8attackerkb2cve12prion12symantec5mscve5checkpoint_advisories2zdi2cisa_kev1kaspersky2mskb7thn2cisa1veracode7qualysblog2osv5github4trendmicroblog1