English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 114770 CVE descriptions
and 58768 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.811759
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4038783)
Summary:This host is missing a critical security; update according to Microsoft KB4038783
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4038783

Vulnerability Insight:
Multiple flaw exists due to,

- When Windows Hyper-V on a host operating system fails to properly validate
input from an authenticated user on a guest operating system.
- An error in Windows Error Reporting (WER) when WER handles and executes files.
- When the Windows kernel fails to properly initialize a memory address,
allowing an attacker to retrieve information that could lead to a Kernel Address
Space Layout Randomization (KASLR) bypass.
- When the Windows kernel improperly handles objects in memory.
- When Microsoft Edge improperly handles clipboard events.
- An error in Microsoft's implementation of the Bluetooth stack.
- An error in the way that Microsoft browser JavaScript engines render content when
handling objects in memory.
- When Microsoft Edge improperly accesses objects in memory.
- An error due to the way Windows Uniscribe handles objects in memory.
- When the Microsoft Windows Graphics Component improperly handles objects in
memory.
- When Microsoft browsers improperly access objects in memory.
- An error in the way that the scripting engine handles objects in memory in
Microsoft Edge.
- A security feature bypass exists in Microsoft Edge when the Edge Content
Security Policy (CSP) fails to properly validate certain specially crafted
documents.
- An error in the way Microsoft Edge handles objects in memory.
- When Internet Explorer improperly handles specific HTML content.
- When Microsoft Windows PDF Library improperly handles objects in memory.
- An error in Microsoft browsers due to improper parent domain verification in
certain functionality.
- When Microsoft Edge does not properly parse HTTP content.
- An error in the way that the Windows Graphics Device Interface (GDI) handles
objects in memory, allowing an attacker to retrieve information from a targeted
system.
- When the Windows GDI+ component improperly discloses kernel memory addresses.
- An error in Windows when the Windows kernel-mode driver fails to properly handle
objects in memory.
- An error in the way that the Windows Graphics Device Interface+ (GDI+) handles
objects in memory, allowing an attacker to retrieve information from a targeted
system.
- An error when Windows Shell does not properly validate file copy destinations.
- When Windows Uniscribe improperly discloses the contents of its memory.
- An error in Windows kernel that could allow an attacker to retrieve information
that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.
- When Internet Explorer improperly accesses objects in memory.
- When the Windows font library improperly handles specially crafted embedded
fonts.
- An error in Windows when the Win32k component fails to properly handle objects in
memory.

Vulnerability Impact:
Successful exploitation will allow attacker to
gain access to potentially sensitive information, perform a man-in-the-middle
attack and force a user's computer to unknowingly route traffic through the
attacker's computer, embed an ActiveX control, execute arbitrary code, take control
of the affected system, gain the same user rights as the current user, conduct
phishing attack and conduct redirect attacks.

Impact Level: System

Affected Software/OS:
Microsoft Windows 10 Version 1511 x32/x64

Solution:
Run Windows Update and update the
listed hotfixes or download and update mentioned hotfixes in the advisory
from the below link,
https://support.microsoft.com/en-us/help/4038783

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-0161
BugTraq ID: 100728
http://www.securityfocus.com/bid/100728
http://www.securitytracker.com/id/1039318
Common Vulnerability Exposure (CVE) ID: CVE-2017-8720
BugTraq ID: 100804
http://www.securityfocus.com/bid/100804
http://www.securitytracker.com/id/1039325
Common Vulnerability Exposure (CVE) ID: CVE-2017-8723
BugTraq ID: 100768
http://www.securityfocus.com/bid/100768
http://www.securitytracker.com/id/1039326
Common Vulnerability Exposure (CVE) ID: CVE-2017-8728
BugTraq ID: 100739
http://www.securityfocus.com/bid/100739
http://www.securitytracker.com/id/1039327
Common Vulnerability Exposure (CVE) ID: CVE-2017-8628
BugTraq ID: 100744
http://www.securityfocus.com/bid/100744
http://www.securitytracker.com/id/1039339
Common Vulnerability Exposure (CVE) ID: CVE-2017-8643
BugTraq ID: 100747
http://www.securityfocus.com/bid/100747
Common Vulnerability Exposure (CVE) ID: CVE-2017-8733
BugTraq ID: 100737
http://www.securityfocus.com/bid/100737
http://www.securitytracker.com/id/1039328
Common Vulnerability Exposure (CVE) ID: CVE-2017-8734
https://www.exploit-db.com/exploits/42759/
BugTraq ID: 100738
http://www.securityfocus.com/bid/100738
Common Vulnerability Exposure (CVE) ID: CVE-2017-8735
BugTraq ID: 100740
http://www.securityfocus.com/bid/100740
Common Vulnerability Exposure (CVE) ID: CVE-2017-8736
BugTraq ID: 100743
http://www.securityfocus.com/bid/100743
http://www.securitytracker.com/id/1039342
http://www.securitytracker.com/id/1039343
Common Vulnerability Exposure (CVE) ID: CVE-2017-8660
BugTraq ID: 100757
http://www.securityfocus.com/bid/100757
Common Vulnerability Exposure (CVE) ID: CVE-2017-8675
BugTraq ID: 100752
http://www.securityfocus.com/bid/100752
Common Vulnerability Exposure (CVE) ID: CVE-2017-8676
BugTraq ID: 100755
http://www.securityfocus.com/bid/100755
http://www.securitytracker.com/id/1039333
Common Vulnerability Exposure (CVE) ID: CVE-2017-8737
BugTraq ID: 100749
http://www.securityfocus.com/bid/100749
Common Vulnerability Exposure (CVE) ID: CVE-2017-8738
BugTraq ID: 100759
http://www.securityfocus.com/bid/100759
Common Vulnerability Exposure (CVE) ID: CVE-2017-8741
BugTraq ID: 100764
http://www.securityfocus.com/bid/100764
Common Vulnerability Exposure (CVE) ID: CVE-2017-8677
BugTraq ID: 100767
http://www.securityfocus.com/bid/100767
http://www.securitytracker.com/id/1039338
Common Vulnerability Exposure (CVE) ID: CVE-2017-8678
https://www.exploit-db.com/exploits/42750/
BugTraq ID: 100769
http://www.securityfocus.com/bid/100769
Common Vulnerability Exposure (CVE) ID: CVE-2017-8747
BugTraq ID: 100765
http://www.securityfocus.com/bid/100765
Common Vulnerability Exposure (CVE) ID: CVE-2017-8748
BugTraq ID: 100766
http://www.securityfocus.com/bid/100766
Common Vulnerability Exposure (CVE) ID: CVE-2017-8679
BugTraq ID: 100720
http://www.securityfocus.com/bid/100720
Common Vulnerability Exposure (CVE) ID: CVE-2017-8749
BugTraq ID: 100770
http://www.securityfocus.com/bid/100770
Common Vulnerability Exposure (CVE) ID: CVE-2017-8750
BugTraq ID: 100771
http://www.securityfocus.com/bid/100771
Common Vulnerability Exposure (CVE) ID: CVE-2017-8752
BugTraq ID: 100775
http://www.securityfocus.com/bid/100775
Common Vulnerability Exposure (CVE) ID: CVE-2017-8753
BugTraq ID: 100776
http://www.securityfocus.com/bid/100776
Common Vulnerability Exposure (CVE) ID: CVE-2017-8754
BugTraq ID: 100779
http://www.securityfocus.com/bid/100779
Common Vulnerability Exposure (CVE) ID: CVE-2017-8681
https://www.exploit-db.com/exploits/42742/
BugTraq ID: 100727
http://www.securityfocus.com/bid/100727
Common Vulnerability Exposure (CVE) ID: CVE-2017-8682
https://www.exploit-db.com/exploits/42744/
BugTraq ID: 100772
http://www.securityfocus.com/bid/100772
http://www.securitytracker.com/id/1039352
Common Vulnerability Exposure (CVE) ID: CVE-2017-8683
https://www.exploit-db.com/exploits/42746/
BugTraq ID: 100781
http://www.securityfocus.com/bid/100781
Common Vulnerability Exposure (CVE) ID: CVE-2017-8755
https://www.exploit-db.com/exploits/42766/
BugTraq ID: 100778
http://www.securityfocus.com/bid/100778
Common Vulnerability Exposure (CVE) ID: CVE-2017-8756
BugTraq ID: 100718
http://www.securityfocus.com/bid/100718
Common Vulnerability Exposure (CVE) ID: CVE-2017-8757
BugTraq ID: 100721
http://www.securityfocus.com/bid/100721
Common Vulnerability Exposure (CVE) ID: CVE-2017-8759
https://www.exploit-db.com/exploits/42711/
https://github.com/bhdresh/CVE-2017-8759
BugTraq ID: 100742
http://www.securityfocus.com/bid/100742
http://www.securitytracker.com/id/1039324
Common Vulnerability Exposure (CVE) ID: CVE-2017-8687
https://www.exploit-db.com/exploits/42749/
BugTraq ID: 100736
http://www.securityfocus.com/bid/100736
Common Vulnerability Exposure (CVE) ID: CVE-2017-8688
BugTraq ID: 100756
http://www.securityfocus.com/bid/100756
Common Vulnerability Exposure (CVE) ID: CVE-2017-8692
BugTraq ID: 100762
http://www.securityfocus.com/bid/100762
http://www.securitytracker.com/id/1039344
Common Vulnerability Exposure (CVE) ID: CVE-2017-8699
BugTraq ID: 100783
http://www.securityfocus.com/bid/100783
http://www.securitytracker.com/id/1039331
Common Vulnerability Exposure (CVE) ID: CVE-2017-8702
BugTraq ID: 100785
http://www.securityfocus.com/bid/100785
http://www.securitytracker.com/id/1039353
Common Vulnerability Exposure (CVE) ID: CVE-2017-8706
BugTraq ID: 100789
http://www.securityfocus.com/bid/100789
http://www.securitytracker.com/id/1039317
Common Vulnerability Exposure (CVE) ID: CVE-2017-8707
BugTraq ID: 100790
http://www.securityfocus.com/bid/100790
Common Vulnerability Exposure (CVE) ID: CVE-2017-8708
https://www.exploit-db.com/exploits/42743/
BugTraq ID: 100791
http://www.securityfocus.com/bid/100791
Common Vulnerability Exposure (CVE) ID: CVE-2017-8709
BugTraq ID: 100792
http://www.securityfocus.com/bid/100792
Common Vulnerability Exposure (CVE) ID: CVE-2017-8713
BugTraq ID: 100796
http://www.securityfocus.com/bid/100796
Common Vulnerability Exposure (CVE) ID: CVE-2017-8719
BugTraq ID: 100803
http://www.securityfocus.com/bid/100803
Common Vulnerability Exposure (CVE) ID: CVE-2017-8695
BugTraq ID: 100773
http://www.securityfocus.com/bid/100773
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 58768 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.