SB2017041204 - Multiple vulnerabilities in Microsoft Windows
Published: April 12, 2017
Description
This security bulletin contains information about 10 security vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2017-0192)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to improper handling of objects in memory in the Adobe Type Manager Font Driver (ATMFD.dll). A local user can gain access to potentially sensitive information.
2) Buffer overflow (CVE-ID: CVE-2017-0166)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing LDAP requests. A remote attacker can send specially crafted LDAP requests to a domain controller, trigger a buffer overflow and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on the system with elevated privileges.
3) Information disclosure (CVE-ID: CVE-2013-6629)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error in the get_sos() function in the jdmarker.c file within the libjpeg and libjpeg-turbo libraries when processing JPEG files. A remote attacker can create a specially crafted JPEG file and read parts of unallocated memory on the system.
Successful exploitation of the vulnerability may allow an attacker to gain access to potentially sensitive information.
4) Privilege escalation (CVE-ID: CVE-2017-0189)
The vulnerability allows a local user to obtain elevated privileges.
The vulnerability exists due to an error in the Win32k.sys driver when handling objects in memory. A local user can execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability may allow a local user to elevate his privileges on the system.
5) Information disclosure (CVE-ID: CVE-2017-0058)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error in the Win32k.sys driver when processing objects in memory. A local user can obtain potentially sensitive information.
6) Information disclosure (CVE-ID: CVE-2017-0188)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error in the Win32k.sys driver when processing objects in memory. A local user can obtain potentially sensitive information.
7) Denial of service (CVE-ID: CVE-2017-0191)
The vulnerability allows a remote attacker to trigger denial of service.
The vulnerability exists due to the way that Windows handles objects in memory. A remote attacker can perform a denial of service attack against a vulnerable system.
8) Privilege escalation (CVE-ID: CVE-2017-0165)
The vulnerability allows a local user to obtain elevated privileges.
The vulnerability exists due to an error when handling objects in memory. A local user can execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability may allow a local user to elevate his privileges on the system.
9) Information disclosure (CVE-ID: CVE-2017-0167)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error when the Windows kernel improperly handles objects in memory. A local user can obtain potentially sensitive information.
10) Privilege escalation (CVE-ID: CVE-2017-0211)
The vulnerability allows a local user to obtain elevated privileges.
The vulnerability exists in Microsoft Windows OLE when it fails an integrity-level check. A local user can execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may allow a local user to elevate his privileges on the system.
Remediation
Install the update from the vendor's website.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0192
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0166
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0189
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0058
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0191
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0167
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211