Windows : Microsoft Bulletins : Microsoft Windows Multiple Vulnerabilities (KB4048954)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.812089
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Multiple Vulnerabilities (KB4048954)
Summary:	This host is missing a critical security; update according to Microsoft KB4048954
Description:	Summary: This host is missing a critical security update according to Microsoft KB4048954 Vulnerability Insight: Multiple flaws exist due to: - An error when the Windows kernel fails to properly initialize a memory address. - A security feature bypass when Device Guard incorrectly validates an untrusted file. - An error in the way that Microsoft Edge handles cross-origin requests. - An error when the scripting engine does not properly handle objects in memory in Internet Explorer. - An error in the way the scripting engine handles objects in memory in Microsoft browsers. - An error in the way that the scripting engine handles objects in memory in Microsoft Edge. - An error when the Windows GDI component improperly discloses kernel memory addresses. - An error when Windows Search improperly handles objects in memory. - An error when the Windows kernel fails to properly handle objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to gain access to potentially sensitive information, fake unsigned file appear to be signed, determine the origin of all web pages in the affected browser, gain the same user rights as the current user, cause a remote denial of service against a system, test for the presence of files on disk, force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice and run arbitrary code in kernel mode. Affected Software/OS: Microsoft Windows 10 Version 1703 x32/x64. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-11839 BugTraq ID: 101735 http://www.securityfocus.com/bid/101735 https://www.exploit-db.com/exploits/43180/ http://www.securitytracker.com/id/1039780 Common Vulnerability Exposure (CVE) ID: CVE-2017-11840 BugTraq ID: 101734 http://www.securityfocus.com/bid/101734 https://www.exploit-db.com/exploits/43183/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11841 BugTraq ID: 101733 http://www.securityfocus.com/bid/101733 https://www.exploit-db.com/exploits/43181/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11842 BugTraq ID: 101719 http://www.securityfocus.com/bid/101719 http://www.securitytracker.com/id/1039782 Common Vulnerability Exposure (CVE) ID: CVE-2017-11843 BugTraq ID: 101740 http://www.securityfocus.com/bid/101740 http://www.securitytracker.com/id/1039781 Common Vulnerability Exposure (CVE) ID: CVE-2017-11768 BugTraq ID: 101705 http://www.securityfocus.com/bid/101705 http://www.securitytracker.com/id/1039794 Common Vulnerability Exposure (CVE) ID: CVE-2017-11873 BugTraq ID: 101728 http://www.securityfocus.com/bid/101728 https://www.exploit-db.com/exploits/43154/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11874 BugTraq ID: 101750 http://www.securityfocus.com/bid/101750 http://www.securitytracker.com/id/1039801 Common Vulnerability Exposure (CVE) ID: CVE-2017-11880 BugTraq ID: 101755 http://www.securityfocus.com/bid/101755 Common Vulnerability Exposure (CVE) ID: CVE-2017-11788 BugTraq ID: 101711 http://www.securityfocus.com/bid/101711 http://www.securitytracker.com/id/1039792 Common Vulnerability Exposure (CVE) ID: CVE-2017-11791 BugTraq ID: 101715 http://www.securityfocus.com/bid/101715 http://www.securitytracker.com/id/1039796 http://www.securitytracker.com/id/1039797 Common Vulnerability Exposure (CVE) ID: CVE-2017-11803 BugTraq ID: 101704 http://www.securityfocus.com/bid/101704 Common Vulnerability Exposure (CVE) ID: CVE-2017-11827 BugTraq ID: 101703 http://www.securityfocus.com/bid/101703 Common Vulnerability Exposure (CVE) ID: CVE-2017-11830 BugTraq ID: 101714 http://www.securityfocus.com/bid/101714 https://www.exploit-db.com/exploits/43162/ http://www.securitytracker.com/id/1039790 Common Vulnerability Exposure (CVE) ID: CVE-2017-11831 BugTraq ID: 101721 http://www.securityfocus.com/bid/101721 https://www.exploit-db.com/exploits/43165/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11833 BugTraq ID: 101706 http://www.securityfocus.com/bid/101706 Common Vulnerability Exposure (CVE) ID: CVE-2017-11834 BugTraq ID: 101725 http://www.securityfocus.com/bid/101725 Common Vulnerability Exposure (CVE) ID: CVE-2017-11836 BugTraq ID: 101727 http://www.securityfocus.com/bid/101727 Common Vulnerability Exposure (CVE) ID: CVE-2017-11837 BugTraq ID: 101722 http://www.securityfocus.com/bid/101722 Common Vulnerability Exposure (CVE) ID: CVE-2017-11838 BugTraq ID: 101737 http://www.securityfocus.com/bid/101737 Common Vulnerability Exposure (CVE) ID: CVE-2017-11844 BugTraq ID: 101707 http://www.securityfocus.com/bid/101707 Common Vulnerability Exposure (CVE) ID: CVE-2017-11845 BugTraq ID: 101708 http://www.securityfocus.com/bid/101708 Common Vulnerability Exposure (CVE) ID: CVE-2017-11846 BugTraq ID: 101741 http://www.securityfocus.com/bid/101741 Common Vulnerability Exposure (CVE) ID: CVE-2017-11847 BugTraq ID: 101729 http://www.securityfocus.com/bid/101729 Common Vulnerability Exposure (CVE) ID: CVE-2017-11848 BugTraq ID: 101709 http://www.securityfocus.com/bid/101709 Common Vulnerability Exposure (CVE) ID: CVE-2017-11849 BugTraq ID: 101762 http://www.securityfocus.com/bid/101762 Common Vulnerability Exposure (CVE) ID: CVE-2017-11850 BugTraq ID: 101738 http://www.securityfocus.com/bid/101738 Common Vulnerability Exposure (CVE) ID: CVE-2017-11851 BugTraq ID: 101763 http://www.securityfocus.com/bid/101763 Common Vulnerability Exposure (CVE) ID: CVE-2017-11853 BugTraq ID: 101764 http://www.securityfocus.com/bid/101764 Common Vulnerability Exposure (CVE) ID: CVE-2017-11855 BugTraq ID: 101751 http://www.securityfocus.com/bid/101751 https://www.exploit-db.com/exploits/43371/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11856 BugTraq ID: 101753 http://www.securityfocus.com/bid/101753 Common Vulnerability Exposure (CVE) ID: CVE-2017-11858 BugTraq ID: 101716 http://www.securityfocus.com/bid/101716 Common Vulnerability Exposure (CVE) ID: CVE-2017-11861 BugTraq ID: 101723 http://www.securityfocus.com/bid/101723 https://www.exploit-db.com/exploits/43153/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11863 BugTraq ID: 101748 http://www.securityfocus.com/bid/101748 Common Vulnerability Exposure (CVE) ID: CVE-2017-11866 BugTraq ID: 101732 http://www.securityfocus.com/bid/101732 Common Vulnerability Exposure (CVE) ID: CVE-2017-11869 BugTraq ID: 101742 http://www.securityfocus.com/bid/101742 Common Vulnerability Exposure (CVE) ID: CVE-2017-11870 BugTraq ID: 101731 http://www.securityfocus.com/bid/101731 https://www.exploit-db.com/exploits/43182/ Common Vulnerability Exposure (CVE) ID: CVE-2017-11871 BugTraq ID: 101730 http://www.securityfocus.com/bid/101730 Common Vulnerability Exposure (CVE) ID: CVE-2017-11872 BugTraq ID: 101749 http://www.securityfocus.com/bid/101749
Copyright	Copyright (C) 2017 Greenbone AG