| VID |
26806 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The remote Windows host is missing a security update for May 2017 (KB4019264). It is, therefore, affected by multiple vulnerabilities :
- A denial of service vulnerability exists in the Windows DNS server when it's configured to answer version queries. An unauthenticated, remote attacker can exploit this, via a malicious DNS query, to cause the DNS server to become nonresponsive. (CVE-2017-0171)
- An information disclosure vulnerability exists in the Windows kernel due to improper handling of objects in memory. A local attacker can exploit this, via a specially crafted application, to disclose sensitive information. (CVE-2017-0175)
- An elevation of privilege vulnerability exists in the Windows COM Aggregate Marshaler due to an unspecified flaw. A local attacker can exploit this, via a specially crafted application, to execute arbitrary code with elevated privileges. (CVE-2017-0213)
- An elevation of privilege vulnerability exists in Windows due to improper validation of user-supplied input when loading type libraries. A local attacker can exploit this, via a specially crafted application, to gain elevated privileges. (CVE-2017-0214)
- An information disclosure vulnerability exists in the Windows kernel due to improper handling of objects in memory. A local attacker can exploit this, via a specially crafted application, to disclose sensitive information. (CVE-2017-0220)
- A remote code execution vulnerability exists in Microsoft Internet Explorer due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website, to execute arbitrary code in the context of the current user. (CVE-2017-0222)
- A spoofing vulnerability exists in Microsoft browsers due to improper rendering of the SmartScreen filter. An unauthenticated, remote attacker can exploit this, via a specially crafted URL, to redirect users to a malicious website that appears to be a legitimate website. (CVE-2017-0231)
- An information disclosure vulnerability exists in the Microsoft Server Message Block 1.0 (SMBv1) server when handling certain requests. An unauthenticated, remote attacker can exploit this, via a specially crafted packet, to disclose sensitive information. (CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271)
- A denial of service vulnerability exists in Microsoft Server Message Block (SMB) when handling a specially crafted request to the server. An unauthenticated, remote attacker can exploit this, via a crafted SMB request, to cause the system to stop responding. (CVE-2017-0269)
* References:
https://support.microsoft.com/en-us/help/4019264/windows-7-update-kb4019264
https://support.microsoft.com/en-us/help/4019472/windows-10-update-kb4019472
https://support.microsoft.com/en-us/help/4019215/windows-8-update-kb4019215
* Platforms Affected:
Windows Vista SP2
Windows Vista x64 SP2
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows 7 SP1
Windows 7 x64 SP1
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Windows Server 2016 |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin May 2017 Microsoft security update at
https://support.microsoft.com/en-us/help/4019264/windows-7-update-kb4019264
https://support.microsoft.com/en-us/help/4019472/windows-10-update-kb4019472
https://support.microsoft.com/en-us/help/4019215/windows-8-update-kb4019215
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2017-0171,CVE-2017-0175,CVE-2017-0213,CVE-2017-0214,CVE-2017-0220,CVE-2017-0222,CVE-2017-0231,CVE-2017-0267,CVE-2017-0268,CVE-2017-0269 (CVE) |
| Related URL |
98097,98102,98103,98110,98111,98127,98173,98259,98260,98261,98263,98264,98265,98266,98267,98268,98270,98271,98272,98273,98274 (SecurityFocus) |
| Related URL |
(ISS) |
|
