November 14, 2017—KB4048960 (Security-only update)

November 14, 2017—KB4048960 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where applications based on the Microsoft JET Database Engine...

November 14, 2017—KB4048962 (Security-only update)

November 14, 2017—KB4048962 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the virtual smart card doesn't assess the Trusted Platform...

November 14, 2017—KB4048959 (Monthly Rollup)

November 14, 2017—KB4048959 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4041692 released October 17, 2017 and resolves the following issues: Addressed issue where the virtual smart card doesn't assess the Trusted Platform...

Microsoft Graphics Component Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

November 14, 2017—KB4048955 (OS Build 16299.64)

November 14, 2017—KB4048955 OS Build 16299.64 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue that causes the Mixed Reality Portal to stop responding on launch. Addressed...

Microsoft Windows Graphics Component CVE-2017-11850 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

KLA11136 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...

Microsoft Windows Graphics Component Information Disclosure (CVE-2017-11816)

An information disclosure vulnerability exists in the GDI component of Microsoft Windows. The vulnerability is due to an out-of-bounds read error when processing a WMF file. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted web page or document...

KB4038781: Windows 10 September 2017 Cumulative Update

The remote Windows host is missing security update 4038781. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables...

October 10, 2017—KB4041678 (Security-only update)

October 10, 2017—KB4041678 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers...

CVE-2017-8693

The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability"...

CVE-2017-11824

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles object...

CVE-2017-11762

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles speciall...

CVE-2017-11824

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles object...

CVE-2017-11762

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles speciall...

Remote code execution

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles speciall...

CVE-2017-11763

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles speciall...

CVE-2017-11763

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles speciall...

CVE-2017-11762

This CVE (CVE-2017-11762) is a remote code execution vulnerability in the Microsoft Windows Graphics Component that is triggered by specially crafted embedded fonts. Affected products span Windows client and server lines listed in the CVE entry (e.g., Windows 7, 8.1, 10 variants, Server 2008/2012...

Microsoft Windows Graphics Component Local Information Disclosure Vulnerability (CNVD-2017-30910)

Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in the implementation of Windows Graphics when it does not properly handle memory objects, which can be successfully exploited to allow an attacker to obtain sensitive information...