3872 matches found
CVE-2017-11831
Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted...
CVE-2017-11849
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windo...
CVE-2017-11851
The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it...
CVE-2017-11842
The CVE-2017-11842 entry concerns a Windows kernel information disclosure vulnerability that affects Windows 8.1/RT 8.1, Server 2012/R2, Windows 10 (initial to 1709), Windows Server 2016, and Windows Server version 1709. The root cause is the Windows kernel improperly initializing a memory addres...
Microsoft Windows Multiple Vulnerabilities (KB4048956)
This host is missing a critical security update according to Microsoft KB4048956 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4048953)
This host is missing a critical security update according to Microsoft KB4048953 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4048970)
This host is missing an important security update according to Microsoft KB4048970 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Multiple Vulnerabilities (KB4048958)
This host is missing a critical security update according to Microsoft KB4041693 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
17-Year-Old MS Office Flaw Lets Hackers Install Malware Without User Interaction
You should be extra careful when opening files in MS Office. When the world is still dealing with the threat of 'unpatched' Microsoft Office's built-in DDE feature, researchers have uncovered a serious issue with another Office component that could allow attackers to remotely install malware on...
November 14, 2017—KB4048952 (OS Build 10586.1232)
November 14, 2017—KB4048952 OS Build 10586.1232 This update can be applied to Windows 10 Enterprise and Windows 10 Education editions only. Improvements and fixes This update includes critical security updates that have been MSRC certified only. No new features or quality updates are included. Ke...
November 14, 2017—KB4048960 (Security-only update)
November 14, 2017—KB4048960 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where applications based on the Microsoft JET Database Engine...
KLA11136 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...
KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information...
KB4048956: Windows 10 LTSB November 2017 Cumulative Update
The remote Windows host is missing security update 4048956. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an...
Windows 7 and Windows Server 2008 R2 November 2017 Security Updates
The remote Windows host is missing security update 4048960 or cumulative update 4048957. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a...
KB4048953: Windows 10 Version 1607 and Windows Server 2016 November 2017 Cumulative Update
The remote Windows host is missing security update 4048953. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross- Origin Resource...
The vulnerability of the graphical component of the Windows operating system, Win32k, allows a hacker to execute code in kernel mode and gain increased privileges.
The vulnerability of the graphical component of the Windows operating system, Win32k, is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to execute code at the kernel level and increase their privileges through a specially created application...
Microsoft Windows Kernel Local Information Disclosure Vulnerability(CVE-2017-11784)
One kernel memory disclosure in the exception handling code has already been discovered and reported as issue 1177 . It was fixed in the June Patch Tuesday as CVE-2017-8482. However, it seems there is another bug in this code area, this time a pool as opposed to stack memory leak. We've had some...
Microsoft Windows Kernel Local Information Disclosure Vulnerability(CVE-2017-11785)
We have discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when the following conditions are met: 1. It is invoked with the ObjectNameInformation information class and a file object associated with a file on local disk other...
October 10, 2017—KB4041691 (OS Build 14393.1770)
October 10, 2017—KB4041691 OS Build 14393.1770 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the Universal CRT caused the linker link.exe to stop working for large...