Lucene search

K
mskbMicrosoftKB4089694
HistoryMar 12, 2018 - 12:00 a.m.

Description of the security update for the Windows Wireless WPA pairwise encryption key reinstallation vulnerability in WES09 and POSReady 2009: March 13, 2018

2018-03-1200:00:00
Microsoft
support.microsoft.com
64
windows
wireless
wpa
encryption
vulnerability
wes09
posready 2009
update
march 13 2018
language pack
microsoft update catalog
file information
sha1 hash
sha256 hash
file version
file size
it professionals
technet security support
viruses
malware
international support
x86-based versions

CVSS2

5.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7

Confidence

High

EPSS

0.002

Percentile

53.1%

Description of the security update for the Windows Wireless WPA pairwise encryption key reinstallation vulnerability in WES09 and POSReady 2009: March 13, 2018

Summary

An information disclosure vulnerability exists in the Windows implementation of wireless networking. An attacker who successfully exploits this vulnerability could potentially decrypt wireless traffic of hosts on a WPA or WPA 2-protected wireless network.To learn more about the vulnerability, see CVE-2017-13077.

More Information

Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

More Information

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

WES09 and POSReady 2009 file information

File hash information

File name SHA1 hash SHA256 hash
WindowsXP-KB4089694-x86-Embedded-ENU.exe F0698BDBB2C0DBAF56D7C4071061046865EC3526 794C9E9B730527566004698179C27E14B182082A90F8BF3DBC4DD0CEDC08E305

For all supported x86-based versions

File name File version File size Date Time Platform
Wzcsvc.dll 5.1.2600.7432 484,352 15-Feb-2018 00:16 x86
Updspapi.dll 6.3.13.0 382,840 16-May-2014 03:08 x86

CVSS2

5.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7

Confidence

High

EPSS

0.002

Percentile

53.1%