[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Wed Jul 12 05:21:27 PDT 2017
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 550 Published: Tue, 11 Jul 2017 20:00:27 GMT
New Fixlets:
============
***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-8488
Severity: Low
Fixlet ID: 267701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2677
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8488
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-8483
Severity: Low
Fixlet ID: 267801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2678
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8483
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
***************************************************************
Title: Hypervisor Code Integrity Elevation of Privilege Vulnerability - CVE-2017-0193
Severity: Medium
Fixlet ID: 268301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2683
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0193
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to gain elevated privileges on a target guest operating system when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability".
***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-8469
Severity: Low
Fixlet ID: 268401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2684
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8469
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
***************************************************************
Title: GDI Information Disclosure Vulnerablity - CVE-2017-8553
Severity: Low
Fixlet ID: 268502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2685
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8553
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".
***************************************************************
Title: Windows Security Feature Bypass Vulnerability - CVE-2017-8493
Severity: Low
Fixlet ID: 268701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2687
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8493
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".
***************************************************************
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2017-0218
Severity: Medium
Fixlet ID: 268801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2688
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0218
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0216, and CVE-2017-0219.
***************************************************************
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2017-0173
Severity: Medium
Fixlet ID: 268902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2689
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0173
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219.
***************************************************************
Title: Windows Elevation of Privilege Vulnerability - CVE-2017-8494
Severity: Medium
Fixlet ID: 269001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2690
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8494
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
***************************************************************
Title: Windows Cursor Elevation of Privilege Vulnerability - CVE-2017-8466
Severity: High
Fixlet ID: 269101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2691
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8466
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".
***************************************************************
Title: Windows COM Session Elevation of Privilege Vulnerability - CVE-2017-0298
Severity: Medium
Fixlet ID: 269202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2692
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0298
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an authenticated attacker to run arbitrary code in another user's session, aka "Windows COM Session Elevation of Privilege Vulnerability."
***************************************************************
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2017-0219
Severity: Medium
Fixlet ID: 269301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2693
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0219
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0216, and CVE-2017-0218.
***************************************************************
Title: Windows Default Folder Tampering Vulnerability - CVE-2017-0295
Severity: Low
Fixlet ID: 269401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2694
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0295
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability".
***************************************************************
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2017-0215
Severity: Medium
Fixlet ID: 269501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2695
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0215
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219.
***************************************************************
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2017-0216
Severity: Medium
Fixlet ID: 269601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2696
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0216
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0218, and CVE-2017-0219.
***************************************************************
Title: Windows VAD Cloning Denial of Service Vulnerability - CVE-2017-8515
Severity: Medium
Fixlet ID: 269701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2697
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8515
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".
***************************************************************
Title: Microsoft SharePoint Reflective XSS Vulnerability - CVE-2017-8514
Severity: Low
Fixlet ID: 269801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2698
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8514
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".
More information about the WinVulns-Announcements
mailing list