9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Microsoft 6, on patch day the disclosure of the two being the use of a remote code execution vulnerability(CVE-2017-8543)Windows Search remote code execution vulnerability(CVE-2017-8464)LNK file shortcut remote code execution vulnerability.
Vulnerability name: Windows Search remote code execution vulnerability
Vulnerability ID: CVE-2017-8543
Vulnerability rating: Critical
Vulnerability summary: Windows Search service for WSS is windows A enabled by default for basic services. Allows the user in a plurality of Windows of service between the client and the search. When Windows Search handle objects in memory, there is a remote code execution vulnerability. Successful exploitation of this vulnerability an attacker can control an affected system.
In order to exploit this vulnerability, an attacker may be able to the Windows Search service to send a carefully the structure of the SMB message. To exploit this vulnerability to elevate privileges and control of the computer. In addition, in the enterprise scenario, an unauthenticated attacker can pass the SMB service to connect the remote trigger the vulnerability, and then control the target computer.
The affected version
Desktop: Windows 10, 7, 8, 8.1, Vista, Xp, and Windows RT 8.1
Server System: Windows Server 2016, and in 2012, 2008, 2003
Repair solutions:
Desktop Windows 10, 7, 8.1 and Windows RT 8.1; Server System: Windows Server 2016, the 2012, the 2008, can through the Windows Update Automatic Updates Microsoft patch way to repair.
Windows 8, Vista, Xp and Windows Server 2003 can select the corresponding version and then manually update the patches to be updated
(Patch download address reference https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
Vulnerability name: LNK file shortcut remote code execution vulnerability
Vulnerability ID: CVE-2017-8464
Vulnerability rating: Critical
Vulnerability summary: if a user open an attacker carefully constructed malicious LNK files, it will result in remote code execution. Successful exploitation of this vulnerability an attacker can get the local user with the same user permissions.
The attacker can be through removable drives, USB flash drive or a remote share, etc. containing a malicious LNK files and associated malicious binary file is propagated to the user. When the user through Windows Explorer or any be able to parse LNK files to the program open a malicious. LNK file, associated with the malicious binary code on the target system execution.
The affected version
Desktop: Windows 10, 7, 8.1, 8, Vista, and Windows RT 8.1
Server System: Windows Server 2016, the 2012, the 2008
Repair solutions:
Desktop Windows 10,7,8. 1, and Windows RT 8.1; Server System: Windows Server 2016, the 2012, the 2008, can through the Windows Update Automatic Updates Microsoft patch way to repair.
Windows 8, Vista can select the corresponding version and then manually update the patches to be updated
(Patch download address reference https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
Reference
https://threatpost.com/microsoft-patches-two-critical-vulnerabilities-under-attack/126239/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464
https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%