【威胁通告】微软发布7月补丁修复55个安全问题

微软于周二发布了7月安全更新补丁,修复了55个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Internet Explorer、Microsoft Edge、Microsoft Windows、Microsoft Office和Microsoft Office Services and Web Apps、.NET Framework、Adobe Flash Player以及 Microsoft Exchange Server。

相关信息如下:

产品 CVE ID CVE标题
.NET Framework CVE-2017-8585 .NET拒绝服务漏洞
Adobe Flash Player ADV170009 7月闪存安全更新
ASP .NET CVE-2017-8582 Https.sys信息泄露漏洞
HoloLens CVE-2017-8584 HoloLens远程执行代码漏洞
Internet Explorer CVE-2017-8592 Microsoft浏览器安全功能绕过漏洞
Internet Explorer CVE-2017-8594 Internet Explorer内存损坏漏洞
Internet Explorer CVE-2017-8618 脚本引擎内存损坏漏洞
Kerberos CVE-2017-8495 Kerberos SNAME安全功能绕过漏洞
Microsoft Browsers CVE-2017-8602 微软浏览器欺骗漏洞
Microsoft Edge CVE-2017-8611 Microsoft Edge欺骗漏洞
Microsoft Edge CVE-2017-8596 Microsoft Edge内存损坏漏洞
Microsoft Edge CVE-2017-8617 Microsoft Edge远程执行代码漏洞
Microsoft Edge CVE-2017-8599 Microsoft Edge安全功能绕过漏洞
Microsoft Edge CVE-2017-8619 脚本引擎内存损坏漏洞
Microsoft Exchange Server CVE-2017-8621 Microsoft Exchange打开重定向漏洞
Microsoft Exchange Server CVE-2017-8560 Microsoft Exchange跨站脚本漏洞
Microsoft Exchange Server CVE-2017-8559 Microsoft Exchange跨站脚本漏洞
Microsoft Graphics Component CVE-2017-8577 Win32k提升特权漏洞
Microsoft Graphics Component CVE-2017-8578 Win32k提升特权漏洞
Microsoft Graphics Component CVE-2017-8573 微软图形组件提升特权漏洞
Microsoft Graphics Component CVE-2017-8574 微软图形组件提升特权漏洞
Microsoft Graphics Component CVE-2017-8556 微软图形组件提升特权漏洞
Microsoft Graphics Component CVE-2017-8580 Win32k提升特权漏洞
Microsoft NTFS CVE-2017-8587 Windows资源管理器拒绝服务漏洞
Microsoft Office CVE-2017-0243 Microsoft Office远程执行代码漏洞
Microsoft Office CVE-2017-8502 Microsoft Office内存损坏漏洞
Microsoft Office CVE-2017-8501 Microsoft Office内存损坏漏洞
Microsoft Office CVE-2017-8570 Microsoft Office远程执行代码漏洞
Microsoft Office CVE-2017-8569 SharePoint Server跨站脚本漏洞
Microsoft PowerShell CVE-2017-8565 Windows PowerShell远程执行代码漏洞
Microsoft Scripting Engine CVE-2017-8610 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8601 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8604 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8598 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8608 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8605 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8606 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8603 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8607 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8609 脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8595 脚本引擎内存损坏漏洞
Microsoft Windows CVE-2017-8557 Windows控制台信息泄露漏洞
Microsoft Windows CVE-2017-8566 Windows IME提升特权漏洞
Microsoft Windows CVE-2017-0170 Windows性能监视器信息泄露漏洞
Microsoft Windows CVE-2017-8590 Windows CLFS提升特权漏洞
Microsoft Windows CVE-2017-8562 Windows ALPC特权提升漏洞
Microsoft Windows CVE-2017-8589 Windows搜索远程执行代码漏洞
Microsoft Windows CVE-2017-8563 Windows提升特权漏洞
Microsoft写字板 CVE-2017-8588 写字板远程执行代码漏洞
Windows内核 CVE-2017-8564 Windows内核信息泄露漏洞
Windows内核 CVE-2017-8561 Windows内核提升特权漏洞
Windows内核模式驱动程序 CVE-2017-8486 Win32k信息泄露漏洞
Windows内核模式驱动程序 CVE-2017-8467 Win32k提升特权漏洞
Windows内核模式驱动程序 CVE-2017-8581 Win32k提升特权漏洞
Windows Shell CVE-2017-8463 Windows资源管理器远程执行代码漏洞

受影响的状况

见附件部分。

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

附件

CVE-2017-0243 – Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-0243
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

 

The security update addresses the vulnerability by correcting how Microsoft Office handles files in memory.

 

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Remote Code Execution

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-0243
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Business Productivity Servers 2010 Service Pack 2 3203459 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2007 Service Pack 3 2880514 (Security Update) Important Remote Code Execution 2767772 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 3203468 (Security Update) Important Remote Code Execution 2956073 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 3203468 (Security Update) Important Remote Code Execution 2956073 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office Web Apps 2010 Service Pack 2 3203469 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8569 – SharePoint Server XSS Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8569
MITRE
NVD
CVE Title: SharePoint Server XSS Vulnerability
Description:An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim’s identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Elevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8569
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 3213544 (Security Update) Important Elevation of Privilege 3203432 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8570 – Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8570
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

 

The security update addresses the vulnerability by correcting how Microsoft Office handles files in memory.

 

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Remote Code Execution

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8570
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2007 Service Pack 3 3213640 (Security Update) Important Remote Code Execution 3203436 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 3213624 (Security Update) Important Remote Code Execution 3203460 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 3213624 (Security Update) Important Remote Code Execution 3203460 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 RT Service Pack 1 3213555 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 3213555 (Security Update) Important Remote Code Execution 3203386 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 3213555 (Security Update) Important Remote Code Execution 3203386 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 (32-bit edition) 3213545 (Security Update) Important Remote Code Execution 3191882 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 (64-bit edition) 3213545 (Security Update) Important Remote Code Execution 3191882 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8573 – Microsoft Graphics Component Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8573
MITRE
NVD
CVE Title: Microsoft Graphics Component Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Elevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8573
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4025338 (Security Update) Important Elevation of Privilege 4022727 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4025338 (Security Update) Important Elevation of Privilege 4022727 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for 32-bit Systems 4025344 (Security Update) Important Elevation of Privilege 4022714 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for x64-based Systems 4025344 (Security Update) Important Elevation of Privilege 4022714 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4025336 (Monthly Rollup) Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4025331 (Monthly Rollup)
4025343 (Security Only)
Important Elevation of Privilege 4022724 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4025331 (Monthly Rollup)
4025343 (Security Only)
Important Elevation of Privilege 4022724 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

CVE-2017-8574 – Microsoft Graphics Component Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8574
MITRE
NVD
CVE Title: Microsoft Graphics Component Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Elevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8574
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

CVE-2017-8577 – Win32k Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8577
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Elevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8577
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4025338 (Security Update) Important Elevation of Privilege 4022727 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4025338 (Security Update) Important Elevation of Privilege 4022727 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for 32-bit Systems 4025344 (Security Update) Important Elevation of Privilege 4022714 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for x64-based Systems 4025344 (Security Update) Important Elevation of Privilege 4022714 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4025342 (Security Update) Important Elevation of Privilege 4022725 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4025336 (Monthly Rollup) Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4025877 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4025337 (Security Only)
4025341 (Monthly Rollup)
Important Elevation of Privilege 4022719 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4025331 (Monthly Rollup)
4025343 (Security Only)
Important Elevation of Privilege 4022724 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4025331 (Monthly Rollup)
4025343 (Security Only)
Important Elevation of Privilege 4022724 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4025333 (Security Only)
4025336 (Monthly Rollup)
Important Elevation of Privilege 4022726 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4025339 (Security Update) Important Elevation of Privilege 4022715 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

 

CVE-2017-8578 – Win32k Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-8578
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

Important Elevation of Privilege

更多内容下载:微软发布7月补丁修复55个安全问题安全威胁通告

声 明

本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。

关于绿盟科技

北京神州绿盟信息安全科技股份有限公司(简称绿盟科技)成立于2000年4月,总部位于北京。在国内外设有30多个分支机构,为政府、运营商、金融、能源、互联网以及教育、医疗等行业用户,提供具有核心竞争力的安全产品及解决方案,帮助客户实现业务的安全顺畅运行。

基于多年的安全攻防研究,绿盟科技在网络及终端安全、互联网基础安全、合规及安全管理等领域,为客户提供入侵检测/防护、抗拒绝服务攻击、远程安全评估以及Web安全防护等产品以及专业安全服务。

北京神州绿盟信息安全科技股份有限公司于2014年1月29日起在深圳证券交易所创业板上市交易,股票简称:绿盟科技,股票代码:300369。

如果您需要了解更多内容,可以
加入QQ群:570982169
直接询问:010-68438880

发表评论