Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution
15 March 2017
Remote code execution, security feature bypass, information disclosure, denial of service, escalation of privilege
Multiple vulnerabilities in Microsoft Windows could lead to varying impacts that include remote code execution, security feature bypass, information disclosure, denial of service, and escalatio of privilege.
Microsoft has released a security update to address multiple vulnerabilities found in the Windows systems. A total of six vulnerabilities were identified, each caused by varying factor and each could lead to a different impact:
- A vulnerability in the Device Guard caused by improper validation of elements in a signed PowerShell script could allow security feature bypass.
- A vulnerability in the Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) caused by improper handling of requests could allow denial of service.
- A vulnerability in Microsoft Windows caused by improper validation of input when loading dynamic link library (DLL) files could allow remote code execution.
- A vulnerability in Windows DNS client caused by improper handling of requests could allow information disclosure.
- A vulnerability in Windows HelpPane caused by improper authentication of the client could allow escalation of privilege. To successfully exploit this vulnerability, the attacker must first log on to the system.
- A vulnerability in the iSNS Server caused by improper validation of input from the client could allow remote code execution.
All of the issues mentioned above has been rectified in the latest security update by making corrective modifications on applicable components.
CVE-2017-0007, CVE-2017-0016, CVE-2017-0039, CVE-2017-0057, CVE-2017-0100, CVE-2017-0104
Install the latest security patch for applicable system, available for download from https://technet.microsoft.com/en-us/library/security/MS17-012