Test Kennung:	1.3.6.1.4.1.25623.1.0.812016
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Multiple Vulnerabilities (KB4041681)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft KB4041681
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft KB4041681 Vulnerability Insight: Multiple flaws exist due to: - A spoofing vulnerability in the Windows implementation of wireless networking (KRACK) - An error in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. - An error in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. - An error when the Windows kernel improperly handles objects in memory. - An error when the Windows font library improperly handles specially crafted embedded fonts. - An error when the Windows kernel-mode driver fails to properly handle objects in memory. - An error when Internet Explorer improperly accesses objects in memory. - An error in the Microsoft JET Database Engine that could allow remote code execution on an affected system. - An error when Internet Explorer improperly handles objects in memory. - An error when the Windows Graphics Component improperly handles objects in memory. - An error in the way that the scripting engine handles objects in memory in Internet Explorer. - An error when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. - An error when Windows Search improperly handles objects in memory. - An error in the way that Microsoft browsers access objects in memory. - An error when the Windows kernel improperly initializes objects in memory. - An error in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. - An error in the way that the Windows SMB Server handles certain requests. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, conduct denial-of-service, gain access to potentially sensitive information, take control of the affected system and gain escalated privileges. Affected Software/OS: - Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1 - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-11762 BugTraq ID: 101108 http://www.securityfocus.com/bid/101108 http://www.securitytracker.com/id/1039536 Common Vulnerability Exposure (CVE) ID: CVE-2017-8694 BugTraq ID: 101100 http://www.securityfocus.com/bid/101100 http://www.securitytracker.com/id/1039526 Common Vulnerability Exposure (CVE) ID: CVE-2017-8717 BugTraq ID: 101161 http://www.securityfocus.com/bid/101161 http://www.securitytracker.com/id/1039527 Common Vulnerability Exposure (CVE) ID: CVE-2017-8718 BugTraq ID: 101162 http://www.securityfocus.com/bid/101162 Common Vulnerability Exposure (CVE) ID: CVE-2017-11763 BugTraq ID: 101109 http://www.securityfocus.com/bid/101109 Common Vulnerability Exposure (CVE) ID: CVE-2017-11765 BugTraq ID: 101111 http://www.securityfocus.com/bid/101111 Common Vulnerability Exposure (CVE) ID: CVE-2017-8727 BugTraq ID: 101142 http://www.securityfocus.com/bid/101142 http://www.securitytracker.com/id/1039537 Common Vulnerability Exposure (CVE) ID: CVE-2017-11771 BugTraq ID: 101114 http://www.securityfocus.com/bid/101114 http://www.securitytracker.com/id/1039538 Common Vulnerability Exposure (CVE) ID: CVE-2017-11772 BugTraq ID: 101116 http://www.securityfocus.com/bid/101116 Common Vulnerability Exposure (CVE) ID: CVE-2017-11780 BugTraq ID: 101110 http://www.securityfocus.com/bid/101110 http://www.securitytracker.com/id/1039528 Common Vulnerability Exposure (CVE) ID: CVE-2017-11781 BugTraq ID: 101140 http://www.securityfocus.com/bid/101140 Common Vulnerability Exposure (CVE) ID: CVE-2017-11784 BugTraq ID: 101147 http://www.securityfocus.com/bid/101147 Common Vulnerability Exposure (CVE) ID: CVE-2017-11785 BugTraq ID: 101149 http://www.securityfocus.com/bid/101149 https://www.exploit-db.com/exploits/43001/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11790 BugTraq ID: 101077 http://www.securityfocus.com/bid/101077 http://www.securitytracker.com/id/1039532 Common Vulnerability Exposure (CVE) ID: CVE-2017-11793 BugTraq ID: 101141 http://www.securityfocus.com/bid/101141 https://www.exploit-db.com/exploits/43368/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11810 BugTraq ID: 101081 http://www.securityfocus.com/bid/101081 https://www.exploit-db.com/exploits/43131/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11813 BugTraq ID: 101083 http://www.securityfocus.com/bid/101083 Common Vulnerability Exposure (CVE) ID: CVE-2017-11814 BugTraq ID: 101093 http://www.securityfocus.com/bid/101093 Common Vulnerability Exposure (CVE) ID: CVE-2017-11815 BugTraq ID: 101136 http://www.securityfocus.com/bid/101136 Common Vulnerability Exposure (CVE) ID: CVE-2017-11816 BugTraq ID: 101094 http://www.securityfocus.com/bid/101094 Common Vulnerability Exposure (CVE) ID: CVE-2017-11817 BugTraq ID: 101095 http://www.securityfocus.com/bid/101095 Common Vulnerability Exposure (CVE) ID: CVE-2017-11819 BugTraq ID: 101121 http://www.securityfocus.com/bid/101121 Common Vulnerability Exposure (CVE) ID: CVE-2017-11822 BugTraq ID: 101122 http://www.securityfocus.com/bid/101122 Common Vulnerability Exposure (CVE) ID: CVE-2017-11824 BugTraq ID: 101099 http://www.securityfocus.com/bid/101099 Common Vulnerability Exposure (CVE) ID: CVE-2017-8689 BugTraq ID: 101128 http://www.securityfocus.com/bid/101128 Common Vulnerability Exposure (CVE) ID: CVE-2017-13080 BugTraq ID: 101274 http://www.securityfocus.com/bid/101274 CERT/CC vulnerability note: VU#228519 http://www.kb.cert.org/vuls/id/228519 Cisco Security Advisory: 20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa Debian Security Information: DSA-3999 (Google Search) http://www.debian.org/security/2017/dsa-3999 FreeBSD Security Advisory: FreeBSD-SA-17:07 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://www.krackattacks.com/ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html RedHat Security Advisories: RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2907 RedHat Security Advisories: RHSA-2017:2911 https://access.redhat.com/errata/RHSA-2017:2911 http://www.securitytracker.com/id/1039572 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039578 http://www.securitytracker.com/id/1039581 http://www.securitytracker.com/id/1039585 http://www.securitytracker.com/id/1039703 SuSE Security Announcement: SUSE-SU-2017:2745 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html SuSE Security Announcement: SUSE-SU-2017:2752 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html SuSE Security Announcement: openSUSE-SU-2017:2755 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html http://www.ubuntu.com/usn/USN-3455-1
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.