September 12, 2017—KB4038793 (Security-only update)

September 12, 2017—KB4038793 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue in NPS server where EAP TLS authentication was broken. Re-release...

Description of the security update for the Windows shell memory corruption vulnerability: October 10, 2017

Description of the security update for the Windows shell memory corruption vulnerability: October 10, 2017 Summary A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. To learn more about the...

Microsoft Windows Shell CVE-2017-11819 Remote Code Execution Vulnerability

Description Microsoft Windows Shell is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the current user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 7 for 32-bit System...

CVE-2017-8699

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows...

CVE-2017-8699

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows...

CVE-2017-8699

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows...

CVE-2017-8699

CVE-2017-8699 affects Windows Shell in Windows 7 SP1, Windows Server 2008/R2 SP1, Windows 8.1/RT 8.1, Windows Server 2012/R2, Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. Description: an attacker can run arbitrary code in the context of the current user due to how Windows Shell va...

Microsoft Windows Shell Remote Code Execution Vulnerability

Microsoft Windows 7 SP1, etc. are a series of operating systems from Microsoft USA.Shell is one of the scripting plug-ins. A remote code execution vulnerability exists in Shell in Microsoft Windows. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of the...

Windows Shell Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Shell does not properly validate file copy destinations. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights...

September 12, 2017—KB4038786 (Security-only update)

September 12, 2017—KB4038786 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the WordPad application can sometimes crash on launch. The...

KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information...

KLA11099 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...

CVE-2017-8463

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and share...

CVE-2017-8463

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and share...

June 13, 2017—KB4022718 (Security-only update)

June 13, 2017—KB4022718 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where, after installing KB3164035, users cannot print enhanced metafil...

CVE-2017-8464

CVE-2017-8464 affects Windows shells that render .lnk icons. A crafted LNK file can trigger arbitrary code execution due to improper icon handling in Windows Explorer and related parsers. Affected products include Windows client and server releases spanning Windows 7 through Windows 10 and Window...

The vulnerability of the Windows Shell component of the Windows operating system, which allows a hacker to execute arbitrary code

The vulnerability of the Windows Shell component of the Windows operating system is related to errors in the processing of LNK files. Exploiting this vulnerability allows a local attacker to execute arbitrary code by connecting a storage device to the system, which contains a specially crafted ic...

Microsoft Windows Multiple Vulnerabilities (KB4022717)

This host is missing a critical security update according to Microsoft KB4022717 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VulnCheck KEV: CVE-2017-8464

Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file...

PT-2017-2178 · Microsoft · Windows Explorer +10

Name of the Vulnerable Software and Affected Versions: Windows Shell versions in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 Description: The issue ...