Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-97473
HistoryApr 11, 2017 - 12:00 a.m.

Microsoft Windows Kernel CVE-2017-0167 Information Disclosure Vulnerability

2017-04-1100:00:00
Symantec Security Response
www.symantec.com
38

0.002 Low

EPSS

Percentile

52.0%

JSON

Description

Microsoft Windows is prone to a information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks.

Technologies Affected

  • Microsoft Windows 10 Version 1607 for 32-bit Systems
  • Microsoft Windows 10 Version 1607 for x64-based Systems
  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 10 version 1511 for 32-bit Systems
  • Microsoft Windows 10 version 1511 for x64-based Systems
  • Microsoft Windows 10 version 1703 for 32-bit Systems
  • Microsoft Windows 10 version 1703 for x64-based Systems
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 8.1 for 32-bit Systems
  • Microsoft Windows 8.1 for x64-based Systems
  • Microsoft Windows RT 8.1
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
Running server processes within a restricted environment using facilities such as chroot or jail may limit the consequences of successful exploits.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

Related

mscve 1
zdt 1
checkpoint_advisories 1
cvelist 1
cve 1
prion 1
seebug 1
mskb 9
nessus 6
kaspersky 2
openvas 5
mscve
mscve
Windows Kernel Information Disclosure Vulnerability
2017-04-11 07:00:00
zdt
zdt
Microsoft Windows Kernel - win32kfull!SfnINLPUAHDRAWMENUITEM Stack Memory Disclosure Exploit
2017-04-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Kernel Information Disclosure (CVE-2017-0167)
2017-04-11 00:00:00
cvelist
cvelist
CVE-2017-0167
2017-04-12 14:00:00
cve
cve
CVE-2017-0167
2017-04-12 14:59:00
prion
prion
Information disclosure
2017-04-12 14:59:00
seebug
seebug
Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)
2017-04-14 00:00:00
mskb
mskb
Win32k information disclosure vulnerability: June 13, 2017
2017-06-28 07:00:00
April 11, 2017—KB4015547 (Security-only update)
2017-04-11 07:00:00
April 11, 2017—KB4015550 (Monthly Rollup)
2017-04-11 07:00:00
nessus
nessus
KB4015221: Windows 10 Version 1507 April 2017 Cumulative Update
2017-04-11 00:00:00
KB4015217: Windows 10 1607 April 2017 Cumulative Update
2017-04-11 00:00:00
Windows 8.1 and Windows Server 2012 R2 April 2017 Security Updates
2017-04-12 00:00:00
kaspersky
kaspersky
KLA11059 Multiple vulnerabilities in Microsoft Windows
2017-04-11 00:00:00
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
2017-04-11 00:00:00
openvas
openvas
Microsoft Windows Monthly Rollup (KB4015550)
2017-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4015221)
2017-04-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4015583)
2017-04-12 00:00:00

0.002 Low

EPSS

Percentile

52.0%

JSON
Related for SMNTC-97473
mscve1zdt1checkpoint_advisories1cvelist1cve1prion1seebug1mskb9nessus6kaspersky2openvas5