| VID |
26807 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
Microsoft Security Update for June 2017 is not installed.
- An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An attacker on a guest operating system can exploit this to gain elevated privileges on the guest. Note that the host operating system is not vulnerable. (CVE-2017-0193)
- A remote code execution vulnerability exists in Microsoft Office due to improper validation of user-supplied input before loading dynamic link library (DLL) files. An unauthenticated, remote attacker can exploit this, by convincing a user to open a secially crafted file, to execute arbitrary code in the context of the current user. (CVE-2017-0260)
- An information disclosure vulnerability exists in Windows Uniscribe due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0282)
- A remote code execution vulnerability exists in Windows Uniscribe software due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to execute arbitrary code in the context of the current user. (CVE-2017-0283)
- An information disclosure vulnerability exists in Windows Uniscribe due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0284)
- An information disclosure vulnerability exists in Windows Uniscribe due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0285)
- An information disclosure vulnerability exists in the Windows GDI component due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0286)
- An information disclosure vulnerability exists in the Windows GDI component due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0287)
- An information disclosure vulnerability exists in the Windows GDI component due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted website or to open a specially crafted document file, to disclose the contents of memory. (CVE-2017-0288)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://support.microsoft.com/en-us/help/4022719
https://support.microsoft.com/en-us/help/4022726/windows-8-update-kb4022726
https://support.microsoft.com/en-us/help/4022715/windows-10-update-kb4022715
https://support.microsoft.com/en-us/help/4022725
* Platforms Affected:
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows 7 SP1
Windows 7 x64 SP1
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Windows Server 2016 |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin June 2017 Microsoft security update at
https://support.microsoft.com/en-us/help/4022719
https://support.microsoft.com/en-us/help/4022726/windows-8-update-kb4022726
https://support.microsoft.com/en-us/help/4022715/windows-10-update-kb4022715
https://support.microsoft.com/en-us/help/4022725
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2017-0193,CVE-2017-0260,CVE-2017-0282,CVE-2017-0283,CVE-2017-0284,CVE-2017-0285,CVE-2017-0286,CVE-2017-0287,CVE-2017-0288,CVE-2017-0289 (CVE) |
| Related URL |
98810,98818,98819,98820,98821,98822,98824,98826,98837,98839 (SecurityFocus) |
| Related URL |
(ISS) |
|
