10 matches found
Patch Tuesday - August 2017
It was a busy month this month with a total of 48 security issues fixed. All of these have a severity of Critical or Important with Remote Code Execution vulnerabilities again figuring highly, particularly for Microsoft Edge. There were also a few publicly disclosed vulnerabilities that were fixe...
Windows Kernel pool memory disclosure in nt!NtNotifyChangeDirectoryFile(CVE-2017-0299)
We have discovered that the nt!NtNotifyChangeDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test Windows 10 32-bit workstation, an example layout of the output buffer is as follows: --- cut ---...
CVE-2017-0299
creationtimestamp| type| source ---|---|--- 2017-06-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42219...
Information disclosure
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka...
CVE-2017-0299
The CVE-2017-0299 entry describes a Windows kernel information disclosure vulnerability in the NT kernel affecting multiple Windows versions (Windows 7 SP1, Windows 8.1, Windows Server 2012/2016, Windows 10 various builds, and more). The issue allows an authenticated attacker to obtain informatio...
Microsoft Windows Multiple Vulnerabilities (KB4022727)
This host is missing a critical security update according to Microsoft KB4022727 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4022725)
This host is missing a critical security update according to Microsoft KB4022725 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4022722)
This host is missing a critical security update according to Microsoft KB4022722 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Windows 7 and Windows Server 2008 R2 June 2017 Security Updates
The remote Windows host is missing security update 4022722 or cumulative update 4022719. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An...
Windows 8.1 and Windows Server 2012 R2 June 2017 Security Updates
The remote Windows host is missing security update 4022717 or cumulative update 4022726. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An...