3872 matches found
CVE-2017-0167
An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further...
Microsoft Windows Monthly Rollup (KB4015549)
This host is missing a monthly rollup according to Microsoft security update KB4015549. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
April 11, 2017—KB4015583 (OS Build 15063.138)
April 11, 2017—KB4015583 OS Build 15063.138 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issues with updated time zone information. Security updates to Scripting...
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KB4015221: Windows 10 Version 1507 April 2017 Cumulative Update
The remote Windows 10 Version 1507 host is missing security update KB4015221. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
KB4015583: Windows 10 Version 1703 April 2017 Cumulative Update
The remote Windows 10 version 1703 host is missing security update KB4015583. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
KB4015219: Windows 10 Version 1511 April 2017 Cumulative Update
The remote Windows 10 version 1511 host is missing security update KB4015219. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a perpetrator to manipulate processes or cause service failures
The vulnerability of the Windows operating system’s kernel relates to incorrect access control. Exploiting this vulnerability allows a local attacker to manipulate processes, simulate communication between them, or cause service failures through a specially crafted application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a local attacker to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
Mozilla Patches Pwn2Own Zero Day in Firefox
Mozilla was quick to patch a zero day vulnerability identified in the Firefox browser at the Pwn2Own hacking competition last week. The company remedied the issue just shy of 24 hours of being made aware of the flaw, pushing out the updated version 52.0.1 of the browser late Friday. Asa Dotzler,...
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc nt!ExpFindAndRemoveTagBigPages (MS17-017)
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc nt!ExpFindAndRemoveTagBigPages MS17-017 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=993 We have encountered Windows kernel crashes in the internal nt!nt!HvpGetBinMemAlloc and...
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc / nt!ExpFindAndRemoveTagBigPages (MS17-017)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=993 We have encountered Windows kernel crashes in the internal nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages functions while loading corrupted registry hive files. We believe both crashes to be caused by the same bug...
VM Escape Earns Hackers $105K at Pwn2Own
Hackers managed to take down Microsoft Edge and escape a virtual machine to boot on the third day of Pwn2Own early Friday. Members from Qihoo’s 360 Security Team carried out the VM exploit, earning the group $105,000, by far the highest amount awarded to a group at the hacking challenge this week...
CVE-2017-0080
The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024, CVE-2017-0026,...
CVE-2017-0103
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."...
CVE-2017-0079
The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in...