Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4042120
HistoryOct 10, 2017 - 7:00 a.m.

Description of the security update for Windows Server 2008: October 10, 2017

2017-10-1007:00:00
Microsoft
support.microsoft.com
10

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.6%

JSON

Description of the security update for Windows Server 2008: October 10, 2017

Summary

Vulnerabilities exist in Windows that could allow elevation of privilege or information disclosure.

To learn more about the vulnerabilities, go to the Security Update Guide.

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: October 10, 2017

More Information

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2008 file information

**Note:**The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information

File hash information

File name SHA1 hash SHA256 hash
Windows6.0-KB4042120-x86.msu FA9E143D2CF453ED3734670CD76C942064C8D97D 35D88C30D451DE13101A34400D70B8798621117FC2148336A0D5043BF0CC612B
Windows6.0-KB4042120-x64.msu A7ABA9ACB3A126C8E6BFF91F73D0479B03F94386 896574BD563FE0212B6D14516361BD93CAEAF5DD47AA0B7BC54151836723020C
Windows6.0-KB4042120-ia64.msu 3F6F1EC3AA61AC32249074657247FDE25C49EAB8 AAEC97A06C966BBFFA9331C855D5F01D3020E8908E8D2BFF17DFFC8509FDA4F8

For all supported x86-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24200 2,082,304 08-Sep-2017 14:28 x86

For all supported x64-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24200 2,809,856 08-Sep-2017 18:06 x64

For all supported ia64-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24200 6,700,032 08-Sep-2017 14:30 IA-64

Related

openvas 8
prion 7
cve 7
mscve 5
symantec 5
zdi 1
checkpoint_advisories 2
mskb 10
nessus 8
kaspersky 2
trendmicroblog 1
talosblog 1
myhack58 1
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4042120)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041681)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041693)
2017-10-11 00:00:00
prion
prion
Privilege escalation
2017-10-13 13:29:00
Privilege escalation
2017-10-13 13:29:00
Information disclosure
2017-10-13 13:29:00
cve
cve
CVE-2017-8689
2017-10-13 13:29:00
CVE-2017-8694
2017-10-13 13:29:00
CVE-2017-11784
2017-10-13 13:29:00
mscve
mscve
Windows Graphics Component Elevation of Privilege Vulnerability
2017-10-10 07:00:00
Windows Kernel Information Disclosure Vulnerability
2017-10-10 07:00:00
Windows Kernel Information Disclosure Vulnerability
2017-10-10 07:00:00
symantec
symantec
Microsoft Windows Graphics Component CVE-2017-11824 Local Privilege Escalation Vulnerability
2017-10-10 00:00:00
Microsoft Windows Kernel CVE-2017-11814 Local Information Disclosure Vulnerability
2017-10-10 00:00:00
Microsoft Windows Kernel CVE-2017-11765 Local Information Disclosure Vulnerability
2017-10-10 00:00:00
zdi
zdi
Microsoft Windows Submenu Use-After-Free Privilege Escalation Vulnerability
2017-10-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2017-8689)
2017-10-10 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2017-8694)
2017-10-10 00:00:00
mskb
mskb
October 10, 2017—KB4041678 (Security-only update)
2017-10-16 07:00:00
October 10, 2017—KB4041687 (Security-only update)
2017-10-16 07:00:00
October 10, 2017—KB4041681 (Monthly Rollup)
2017-10-16 07:00:00
nessus
nessus
Windows 7 and Windows Server 2008 R2 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
Windows 2008 October 2017 Multiple Security Updates (KRACK)
2017-10-12 00:00:00
Windows 8.1 and Windows Server 2012 R2 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
kaspersky
kaspersky
KLA11108 Multiple vulnerabilities in Microsoft Products (ESU)
2017-10-10 00:00:00
KLA11111 Multiple vulnerabilities in Microsoft Windows
2017-10-10 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017
2017-10-13 14:03:59
talosblog
talosblog
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00
myhack58
myhack58
Microsoft windows October release of the 62 flaws vulnerability bug patch, and repair of the National researchers submitted the 0-day flaw vulnerability bug-vulnerability warning-the black bar safety net
2017-10-12 00:00:00

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.6%

JSON
Related for KB4042120
openvas8prion7cve7mscve5symantec5zdi1checkpoint_advisories2mskb10nessus8kaspersky2trendmicroblog1talosblog1myhack581