【威胁通告】微软发布7月补丁修复55个安全问题

微软于周二发布了7月安全更新补丁,修复了55个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Internet Explorer、Microsoft Edge、Microsoft Windows、Microsoft Office和Microsoft Office Services and Web Apps、.NET Framework、Adobe Flash Player以及 Microsoft Exchange Server。

相关信息如下:

产品CVE IDCVE标题
.NET FrameworkCVE-2017-8585.NET拒绝服务漏洞
Adobe Flash PlayerADV1700097月闪存安全更新
ASP .NETCVE-2017-8582Https.sys信息泄露漏洞
HoloLensCVE-2017-8584HoloLens远程执行代码漏洞
Internet Explorer CVE-2017-8592Microsoft浏览器安全功能绕过漏洞
Internet ExplorerCVE-2017-8594Internet Explorer内存损坏漏洞
Internet ExplorerCVE-2017-8618脚本引擎内存损坏漏洞
KerberosCVE-2017-8495Kerberos SNAME安全功能绕过漏洞
Microsoft BrowsersCVE-2017-8602微软浏览器欺骗漏洞
Microsoft EdgeCVE-2017-8611Microsoft Edge欺骗漏洞
Microsoft EdgeCVE-2017-8596Microsoft Edge内存损坏漏洞
Microsoft EdgeCVE-2017-8617Microsoft Edge远程执行代码漏洞
Microsoft Edge CVE-2017-8599Microsoft Edge安全功能绕过漏洞
Microsoft Edge CVE-2017-8619脚本引擎内存损坏漏洞
Microsoft Exchange ServerCVE-2017-8621Microsoft Exchange打开重定向漏洞
Microsoft Exchange ServerCVE-2017-8560Microsoft Exchange跨站脚本漏洞
Microsoft Exchange ServerCVE-2017-8559Microsoft Exchange跨站脚本漏洞
Microsoft Graphics Component CVE-2017-8577Win32k提升特权漏洞
Microsoft Graphics ComponentCVE-2017-8578Win32k提升特权漏洞
Microsoft Graphics ComponentCVE-2017-8573微软图形组件提升特权漏洞
Microsoft Graphics ComponentCVE-2017-8574微软图形组件提升特权漏洞
Microsoft Graphics ComponentCVE-2017-8556微软图形组件提升特权漏洞
Microsoft Graphics Component CVE-2017-8580Win32k提升特权漏洞
Microsoft NTFSCVE-2017-8587Windows资源管理器拒绝服务漏洞
Microsoft OfficeCVE-2017-0243Microsoft Office远程执行代码漏洞
Microsoft OfficeCVE-2017-8502Microsoft Office内存损坏漏洞
Microsoft OfficeCVE-2017-8501Microsoft Office内存损坏漏洞
Microsoft OfficeCVE-2017-8570Microsoft Office远程执行代码漏洞
Microsoft OfficeCVE-2017-8569SharePoint Server跨站脚本漏洞
Microsoft PowerShellCVE-2017-8565Windows PowerShell远程执行代码漏洞
Microsoft Scripting EngineCVE-2017-8610脚本引擎内存损坏漏洞
Microsoft Scripting EngineCVE-2017-8601脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8604脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8598脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8608脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8605脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8606脚本引擎内存损坏漏洞
Microsoft Scripting Engine CVE-2017-8603脚本引擎内存损坏漏洞
Microsoft Scripting EngineCVE-2017-8607脚本引擎内存损坏漏洞
Microsoft Scripting EngineCVE-2017-8609脚本引擎内存损坏漏洞
Microsoft Scripting EngineCVE-2017-8595脚本引擎内存损坏漏洞
Microsoft WindowsCVE-2017-8557Windows控制台信息泄露漏洞
Microsoft WindowsCVE-2017-8566Windows IME提升特权漏洞
Microsoft WindowsCVE-2017-0170Windows性能监视器信息泄露漏洞
Microsoft WindowsCVE-2017-8590Windows CLFS提升特权漏洞
Microsoft WindowsCVE-2017-8562Windows ALPC特权提升漏洞
Microsoft WindowsCVE-2017-8589Windows搜索远程执行代码漏洞
Microsoft WindowsCVE-2017-8563Windows提升特权漏洞
Microsoft写字板CVE-2017-8588写字板远程执行代码漏洞
Windows内核CVE-2017-8564Windows内核信息泄露漏洞
Windows内核CVE-2017-8561Windows内核提升特权漏洞
Windows内核模式驱动程序CVE-2017-8486Win32k信息泄露漏洞
Windows内核模式驱动程序CVE-2017-8467Win32k提升特权漏洞
Windows内核模式驱动程序CVE-2017-8581Win32k提升特权漏洞
Windows ShellCVE-2017-8463Windows资源管理器远程执行代码漏洞

受影响的状况

见附件部分。

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

附件

CVE-2017-0243 – Microsoft Office Remote Code Execution Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-0243
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

 

The security update addresses the vulnerability by correcting how Microsoft Office handles files in memory.

 

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantRemote Code Execution

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-0243
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Microsoft Business Productivity Servers 2010 Service Pack 23203459 (Security Update)ImportantRemote Code ExecutionNoneBase: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2007 Service Pack 32880514 (Security Update)ImportantRemote Code Execution2767772Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions)3203468 (Security Update)ImportantRemote Code Execution2956073Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions)3203468 (Security Update)ImportantRemote Code Execution2956073Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office Web Apps 2010 Service Pack 23203469 (Security Update)ImportantRemote Code ExecutionNoneBase: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8569 – SharePoint Server XSS Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8569
MITRE
NVD
CVE Title: SharePoint Server XSS Vulnerability
Description:An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim’s identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantElevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8569
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Microsoft SharePoint Enterprise Server 20163213544 (Security Update)ImportantElevation of Privilege3203432Base: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8570 – Microsoft Office Remote Code Execution Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8570
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

 

The security update addresses the vulnerability by correcting how Microsoft Office handles files in memory.

 

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantRemote Code Execution

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8570
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Microsoft Office 2007 Service Pack 33213640 (Security Update)ImportantRemote Code Execution3203436Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions)3213624 (Security Update)ImportantRemote Code Execution3203460Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions)3213624 (Security Update)ImportantRemote Code Execution3203460Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 RT Service Pack 13213555 (Security Update)ImportantRemote Code ExecutionNoneBase: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions)3213555 (Security Update)ImportantRemote Code Execution3203386Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions)3213555 (Security Update)ImportantRemote Code Execution3203386Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 (32-bit edition)3213545 (Security Update)ImportantRemote Code Execution3191882Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 (64-bit edition)3213545 (Security Update)ImportantRemote Code Execution3191882Base: N/A
Temporal: N/A
Vector: N/A
Maybe

 

CVE-2017-8573 – Microsoft Graphics Component Elevation of Privilege Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8573
MITRE
NVD
CVE Title: Microsoft Graphics Component Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantElevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8573
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Windows 10 for 32-bit Systems4025338 (Security Update)ImportantElevation of Privilege4022727Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems4025338 (Security Update)ImportantElevation of Privilege4022727Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for 32-bit Systems4025344 (Security Update)ImportantElevation of Privilege4022714Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for x64-based Systems4025344 (Security Update)ImportantElevation of Privilege4022714Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.14025336 (Monthly Rollup)ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)4025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)4025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)4025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 20124025331 (Monthly Rollup)
4025343 (Security Only)
ImportantElevation of Privilege4022724Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation)4025331 (Monthly Rollup)
4025343 (Security Only)
ImportantElevation of Privilege4022724Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R24025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation)4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 20164025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation)4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

CVE-2017-8574 – Microsoft Graphics Component Elevation of Privilege Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8574
MITRE
NVD
CVE Title: Microsoft Graphics Component Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantElevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8574
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Windows 10 Version 1607 for 32-bit Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 20164025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation)4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

CVE-2017-8577 – Win32k Elevation of Privilege Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8577
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantElevation of Privilege

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-8577
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Windows 10 for 32-bit Systems4025338 (Security Update)ImportantElevation of Privilege4022727Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems4025338 (Security Update)ImportantElevation of Privilege4022727Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for 32-bit Systems4025344 (Security Update)ImportantElevation of Privilege4022714Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1511 for x64-based Systems4025344 (Security Update)ImportantElevation of Privilege4022714Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems4025342 (Security Update)ImportantElevation of Privilege4022725Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.14025336 (Monthly Rollup)ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)4025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Windows Server 2008 for Itanium-Based Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 24025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)4025877 (Security Update)ImportantElevation of PrivilegeNoneBase: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 14025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)4025337 (Security Only)
4025341 (Monthly Rollup)
ImportantElevation of Privilege4022719Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 20124025331 (Monthly Rollup)
4025343 (Security Only)
ImportantElevation of Privilege4022724Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation)4025331 (Monthly Rollup)
4025343 (Security Only)
ImportantElevation of Privilege4022724Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R24025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation)4025333 (Security Only)
4025336 (Monthly Rollup)
ImportantElevation of Privilege4022726Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 20164025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation)4025339 (Security Update)ImportantElevation of Privilege4022715Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

 

CVE-2017-8578 – Win32k Elevation of Privilege Vulnerability

CVE IDVulnerability DescriptionMaximum Severity RatingVulnerability Impact
CVE-2017-8578
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:An elevation of privilege vulnerability exists in Windows when the Microsoft Graphics Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting how the Microsoft Graphics Component handles objects in memory.

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2017-07-11T07:00:00    Information published.

ImportantElevation of Privilege

更多内容下载:微软发布7月补丁修复55个安全问题安全威胁通告

声 明

本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。

关于绿盟科技

北京神州绿盟信息安全科技股份有限公司(简称绿盟科技)成立于2000年4月,总部位于北京。在国内外设有30多个分支机构,为政府、运营商、金融、能源、互联网以及教育、医疗等行业用户,提供具有核心竞争力的安全产品及解决方案,帮助客户实现业务的安全顺畅运行。

基于多年的安全攻防研究,绿盟科技在网络及终端安全、互联网基础安全、合规及安全管理等领域,为客户提供入侵检测/防护、抗拒绝服务攻击、远程安全评估以及Web安全防护等产品以及专业安全服务。

北京神州绿盟信息安全科技股份有限公司于2014年1月29日起在深圳证券交易所创业板上市交易,股票简称:绿盟科技,股票代码:300369。

如果您需要了解更多内容,可以
加入QQ群:570982169
直接询问:010-68438880

Spread the word. Share this post!

Meet The Author

Leave Comment