Microsoft Windows Multiple Vulnerabilities (KB4015217)

This host is missing an important security update according to Microsoft Security update KB4015217. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2017-0208

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine...

CVE-2017-0093

A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,...

Information disclosure

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine...

CVE-2017-0158

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."...

CVE-2017-0208

CVE-2017-0208 describes an information disclosure in Microsoft Edge (Chakra scripting engine) caused by improper handling of in-memory objects. The vulnerability could allow an attacker to obtain information to further compromise the system. Documents confirm the issue is tied to the Scripting En...

Microsoft Windows Monthly Rollup (KB4015551)

This host is missing a monthly rollup according to Microsoft KB4015551. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Monthly Rollup (KB4015549)

This host is missing a monthly rollup according to Microsoft security update KB4015549. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Monthly Rollup (KB4015550)

This host is missing a monthly rollup according to Microsoft KB4015550. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4015583)

This host is missing an important security update according to Microsoft security update KB4015067. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Windows Scripting Engine Remote Code Execution Vulnerability (KB4015067)

This host is missing an important security update according to Microsoft April 2017 Security Update KB4015067. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Microsoft Windows Multiple Vulnerabilities (KB4015219)

This host is missing an important security update according to Microsoft security update KB4015219. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

KB4015067: Security Update for the Scripting Engine Memory Corruption Vulnerability (April 2017)

The remote Windows host is missing security update KB4015067. It is, therefore, affected by a flaw in the VBScript engine due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a malicious website or open a specially...

April 11, 2017—KB4015583 (OS Build 15063.138)

April 11, 2017—KB4015583 OS Build 15063.138 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issues with updated time zone information. Security updates to Scripting...

April 11, 2017—KB4015548 (Security-only update)

April 11, 2017—KB4015548 Security-only update Improvements and fixes This security update resolves security vulnerabilities in Scripting Engine, Hyper-V, Win32K, Adobe Type Manager Font Driver, Microsoft Outlook, Graphics component, Lightweight Directory Access Protocol and Windows OLE. For more...

Security update for the Scripting Engine Memory Corruption Vulnerability in Windows Server 2008: May 9, 2017

Security update for the Scripting Engine Memory Corruption Vulnerability in Windows Server 2008: May 9, 2017 Summary A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory when the engine is rendered in Internet Explorer. In a web-based attack...

April 11, 2017—KB4015551 (Monthly Rollup)

April 11, 2017—KB4015551 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4012220 released March 21, 2017 and also resolves security vulnerabilities in Internet Explorer, Scripting Engine, Hyper-V, Win32K, Adobe Type Manager...

Scripting Engine Information Disclosure Vulnerability

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...

KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corrupti...

CVE-2017-0130

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in...