Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CNVD-2017-30909)

Microsoft Windows is the popular computer operating system. A remote code execution vulnerability exists in the implementation of the Microsoft Windows Font Library when it does not properly handle constructed embedded fonts, which, if successfully exploited, could allow an attacker to take contr...

Microsoft Windows Graphics Component Local Elevation of Privilege Vulnerability (CNVD-2017-30578)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of Windows Graphics when memory objects are not handled correctly, which can be successfully exploited to allow an attacker to run processes with elevated privileges...

Microsoft Windows Multiple Vulnerabilities (KB4041681)

This host is missing a critical security update according to Microsoft KB4041681 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4042120)

This host is missing an important security update according to Microsoft KB4042120 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB4041693)

This host is missing a critical security update according to Microsoft KB4041693 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

September 12, 2017—KB4038793 (Security-only update)

September 12, 2017—KB4038793 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue in NPS server where EAP TLS authentication was broken. Re-release...

Microsoft Graphics Component Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

Windows Graphics Component Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability b...

KLA11111 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...

Windows 7 and Windows Server 2008 R2 October 2017 Security Updates (KRACK)

The remote Windows host is missing security update 4041678 or cumulative update 4041681. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in...

CVE-2017-8695

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016;...

CVE-2017-8696

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to...

Remote code execution

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to...

CVE-2017-8720

CVE-2017-8720 is a local elevation-of-privilege flaw in the Windows graphics stack tied to the Win32k component. The vulnerability arises when Win32k fails to properly handle memory objects, allowing an attacker who can run code on a system to execute with kernel or higher privileges. Affected pr...

Microsoft Windows graphics component elevation of privilege vulnerability

Microsoft Windows Server 2008 SP2, etc. are a series of operating systems released by Microsoft Corporation in the United States. graphics component is one of the graphics driver components. An elevation of privilege vulnerability exists in the graphics component of Microsoft Windows, which stems...

Microsoft Office Graphics Component Remote Code Execution Vulnerability (KB3213649)

This host is missing a critical security update according to Microsoft KB3213649 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4038792)

This host is missing a critical security update according to Microsoft KB4038792 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4038783)

This host is missing a critical security update according to Microsoft KB4038783 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4038788)

This host is missing a critical security update according to Microsoft KB4038788 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

September 12, 2017—KB4038786 (Security-only update)

September 12, 2017—KB4038786 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the WordPad application can sometimes crash on launch. The...