VID 26813
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description Microsoft Security Update for December 2017 is not installed.
- An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. (CVE-2017-11919)

- A remote code execution vulnerability exists when Internet Explorer and Microsoft Edge improperly access objects in memory. (CVE-2017-11886, CVE-2017-11890, CVE-2017-11901, CVE-2017-11903, CVE-2017-11907, CVE-2017-11913, CVE-2017-11888)

- A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. (CVE-2017-11885)

- A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. (CVE-2017-11894, CVE-2017-11895, CVE-2017-11912, CVE-2017-11930, CVE-2017-11889, CVE-2017-11910, CVE-2017-11918)

- An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. (CVE-2017-11887, CVE-2017-11906)

- An information disclosure vulnerability exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL. (CVE-2017-11927)

- A security feature bypass exists when Device Guard incorrectly validates an untrusted file. (CVE-2017-11899)

* Note: This check requires an account with administrative privileges that can log in to the host being scanned. Without such an account, the check is not performed, which produces a false negative for all vulnerable hosts.

* References:
https://support.microsoft.com/en-us/help/4009469
https://support.microsoft.com/en-us/help/4009470
https://support.microsoft.com/en-us/help/4009471
https://support.microsoft.com/en-us/help/4000825

* Platforms Affected:
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows 7 SP1
Windows 7 x64 SP1
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Windows Server 2016
Recommendation Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin for the December 2017 Microsoft security update at:
https://support.microsoft.com/en-us/help/4009469
https://support.microsoft.com/en-us/help/4009470
https://support.microsoft.com/en-us/help/4009471
https://support.microsoft.com/en-us/help/4000825
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2017-11919,CVE-2017-11886,CVE-2017-11890,CVE-2017-11885,CVE-2017-11894,CVE-2017-11895,CVE-2017-11887,CVE-2017-11906,CVE-2017-11927 (CVE)
Related URL 102045,102046,102047,102053,102054,102055,102058,102062,102063,102065,102077,102078,102080,102082,102086,102089,102091,102092,102093,102095 (SecurityFocus)