Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4042067
HistoryOct 10, 2017 - 7:00 a.m.

Description of the security update for the Microsoft Search vulnerabilities in Windows Server 2008: October 10, 2017

2017-10-1007:00:00
Microsoft
support.microsoft.com
11

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.189 Low

EPSS

Percentile

96.2%

JSON

Description of the security update for the Microsoft Search vulnerabilities in Windows Server 2008: October 10, 2017

Summary

Vulnerabilities exist in Microsoft Windows Search that could allow information disclosure or remote code execution.

To learn more about the vulnerabilities, go to the Security Update Guide.

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: October 10, 2017

More Information

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2008 file information

**Note:**The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information

File hash information

File name SHA1 hash SHA256 hash
Windows6.0-KB4042067-ia64.msu 1A37F6A9C08284CE38D0604DC1103D6FBB1F0CD6 7BE94A7D0EC5E8E455BE935D8CE552FCD9F25CF06FDB3A5EAFDD8E7F379D0945
Windows6.0-KB4042067-x86.msu E4EDBC5D7487276608DEEC597CB7319220E3DBA5 0F8051D50CDAF2656E45F7191CC526A49AD8AC663ECE2F99FC52AAEF5A7B0360
Windows6.0-KB4042067-x64.msu 87DD35F81022E4ABF07C6AB515C2F3E5F6FE4A27 5636C75C5323DD18EF41ABF501D4BEF7D8E9C1E2B483AFA1430F826E24DDA090

For all supported ia64-based versions

File name File version File size Date Time Platform
Query.dll 6.0.6002.24201 4,434,432 09-Sep-2017 15:18 IA-64
Query.dll 6.0.6002.24201 1,382,400 09-Sep-2017 15:30 x86

For all supported x86-based versions

File name File version File size Date Time Platform
Query.dll 6.0.6002.24201 1,382,400 09-Sep-2017 15:30 x86
Gsrvctr.h Not applicable 2,590 07-Mar-2016 23:36 Not applicable
Gsrvctr.ini Not applicable 30,628 07-Mar-2016 23:36 Not applicable
Gthrctr.h Not applicable 3,100 07-Mar-2016 23:36 Not applicable
Gthrctr.ini Not applicable 31,698 07-Mar-2016 23:36 Not applicable
Idxcntrs.h Not applicable 4,640 07-Mar-2016 23:36 Not applicable
Idxcntrs.ini Not applicable 20,698 07-Mar-2016 23:36 Not applicable
Msscb.dll 7.0.6002.24201 35,328 09-Sep-2017 15:29 x86
Msscntrs.dll 7.0.6002.24201 60,416 09-Sep-2017 15:29 x86
Msshooks.dll 7.0.6002.24201 11,776 09-Sep-2017 15:29 x86
Mssitlb.dll 7.0.6002.24201 87,040 09-Sep-2017 15:29 x86
Mssph.dll 7.0.6002.24201 351,744 09-Sep-2017 15:29 x86
Mssphtb.dll 7.0.6002.24201 203,264 09-Sep-2017 15:29 x86
Mssprxy.dll 7.0.6002.24201 33,280 09-Sep-2017 15:29 x86
Mssrch.dll 7.0.6002.24201 1,480,192 09-Sep-2017 15:29 x86
Msstrc.dll 7.0.6002.24201 43,008 09-Sep-2017 15:29 x86
Mssvp.dll 7.0.6002.24201 670,720 09-Sep-2017 15:29 x86
Propdefs.dll 7.0.6002.24201 71,168 09-Sep-2017 15:30 x86
Searchfilterhost.exe 7.0.6002.24201 87,552 09-Sep-2017 14:48 x86
Searchindexer.exe 7.0.6002.24201 441,344 09-Sep-2017 14:48 x86
Searchprotocolhost.exe 7.0.6002.24201 185,344 09-Sep-2017 14:48 x86
Tquery.dll 7.0.6002.24201 1,577,984 09-Sep-2017 15:30 x86

For all supported x64-based versions

File name File version File size Date Time Platform
Query.dll 6.0.6002.24201 2,030,080 09-Sep-2017 15:31 x64
Gsrvctr.h Not applicable 2,590 07-Mar-2016 23:36 Not applicable
Gsrvctr.ini Not applicable 30,628 07-Mar-2016 23:36 Not applicable
Gthrctr.h Not applicable 3,100 07-Mar-2016 23:36 Not applicable
Gthrctr.ini Not applicable 31,698 07-Mar-2016 23:36 Not applicable
Idxcntrs.h Not applicable 4,640 07-Mar-2016 23:36 Not applicable
Idxcntrs.ini Not applicable 20,698 07-Mar-2016 23:36 Not applicable
Msscb.dll 7.0.6002.24201 44,544 09-Sep-2017 15:31 x64
Msscntrs.dll 7.0.6002.24201 74,240 09-Sep-2017 15:31 x64
Msshooks.dll 7.0.6002.24201 11,776 09-Sep-2017 15:31 x64
Mssitlb.dll 7.0.6002.24201 87,552 09-Sep-2017 15:31 x64
Mssph.dll 7.0.6002.24201 501,248 09-Sep-2017 15:31 x64
Mssphtb.dll 7.0.6002.24201 313,344 09-Sep-2017 15:31 x64
Mssprxy.dll 7.0.6002.24201 40,448 09-Sep-2017 15:31 x64
Mssrch.dll 7.0.6002.24201 2,279,936 09-Sep-2017 15:31 x64
Msstrc.dll 7.0.6002.24201 78,848 09-Sep-2017 15:31 x64
Mssvp.dll 7.0.6002.24201 797,184 09-Sep-2017 15:31 x64
Propdefs.dll 7.0.6002.24201 80,896 09-Sep-2017 15:31 x64
Searchfilterhost.exe 7.0.6002.24201 112,128 09-Sep-2017 14:59 x64
Searchindexer.exe 7.0.6002.24201 597,504 09-Sep-2017 15:01 x64
Searchprotocolhost.exe 7.0.6002.24201 259,072 09-Sep-2017 15:00 x64
Tquery.dll 7.0.6002.24201 2,206,208 09-Sep-2017 15:31 x64
Msscb.dll 7.0.6002.24201 35,328 09-Sep-2017 15:29 x86
Msscntrs.dll 7.0.6002.24201 60,416 09-Sep-2017 15:29 x86
Msshooks.dll 7.0.6002.24201 11,776 09-Sep-2017 15:29 x86
Mssitlb.dll 7.0.6002.24201 87,040 09-Sep-2017 15:29 x86
Mssph.dll 7.0.6002.24201 351,744 09-Sep-2017 15:29 x86
Mssphtb.dll 7.0.6002.24201 203,264 09-Sep-2017 15:29 x86
Mssprxy.dll 7.0.6002.24201 33,280 09-Sep-2017 15:29 x86
Mssrch.dll 7.0.6002.24201 1,480,192 09-Sep-2017 15:29 x86
Msstrc.dll 7.0.6002.24201 43,008 09-Sep-2017 15:29 x86
Mssvp.dll 7.0.6002.24201 670,720 09-Sep-2017 15:29 x86
Propdefs.dll 7.0.6002.24201 71,168 09-Sep-2017 15:30 x86
Searchfilterhost.exe 7.0.6002.24201 87,552 09-Sep-2017 14:48 x86
Searchindexer.exe 7.0.6002.24201 441,344 09-Sep-2017 14:48 x86
Searchprotocolhost.exe 7.0.6002.24201 185,344 09-Sep-2017 14:48 x86
Tquery.dll 7.0.6002.24201 1,577,984 09-Sep-2017 15:30 x86
Query.dll 6.0.6002.24201 1,382,400 09-Sep-2017 15:30 x86

Related

openvas 8
symantec 2
mscve 2
checkpoint_advisories 2
prion 2
cve 2
huawei 1
threatpost 1
qualysblog 1
mskb 10
nessus 8
kaspersky 2
trendmicroblog 1
talosblog 1
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4042067)
2017-10-11 00:00:00
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4041690)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041681)
2017-10-11 00:00:00
symantec
symantec
Microsoft Windows Search CVE-2017-11772 Information Disclosure Vulnerability
2017-10-10 00:00:00
Microsoft Windows Search CVE-2017-11771 Remote Code Execution Vulnerability
2017-10-10 00:00:00
mscve
mscve
Microsoft Search Information Disclosure Vulnerability
2017-10-10 07:00:00
Windows Search Remote Code Execution Vulnerability
2017-10-10 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Search Information Disclosure (CVE-2017-11772)
2017-10-23 00:00:00
Microsoft Windows Search Remote Code Execution (CVE-2017-11771)
2017-11-01 00:00:00
prion
prion
Information disclosure
2017-10-13 13:29:00
Remote code execution
2017-10-13 13:29:00
cve
cve
CVE-2017-11772
2017-10-13 13:29:00
CVE-2017-11771
2017-10-13 13:29:00
huawei
huawei
Security Advisory - Two Remote Code Execution Vulnerabilities in Microsoft Windows
2017-12-20 00:00:00
threatpost
threatpost
Microsoft Patches Office Bug Actively Being Exploited
2017-10-10 16:44:08
qualysblog
qualysblog
October Patch Tuesday: 28 Critical Microsoft Vulnerabilities
2017-10-10 18:23:41
mskb
mskb
October 10, 2017—KB4041678 (Security-only update)
2017-10-16 07:00:00
October 10, 2017—KB4041679 (Security-only update)
2017-10-16 07:00:00
October 10, 2017—KB4041690 (Monthly Rollup)
2017-10-16 07:00:00
nessus
nessus
Windows 7 and Windows Server 2008 R2 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
Windows Server 2012 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
Windows 2008 October 2017 Multiple Security Updates (KRACK)
2017-10-12 00:00:00
kaspersky
kaspersky
KLA11108 Multiple vulnerabilities in Microsoft Products (ESU)
2017-10-10 00:00:00
KLA11111 Multiple vulnerabilities in Microsoft Windows
2017-10-10 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017
2017-10-13 14:03:59
talosblog
talosblog
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.189 Low

EPSS

Percentile

96.2%

JSON
Related for KB4042067
openvas8symantec2mscve2checkpoint_advisories2prion2cve2huawei1threatpost1qualysblog1mskb10nessus8kaspersky2trendmicroblog1talosblog1