Vulnerability Protection

Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution

Details

Report ID:

MS-2017-03-07

Date Published:

15 March 2017

Date Revised:

Criticality:

Critical

Compromise Type:

Remote code execution, security feature bypass, information disclosure, denial of service, escalation of privilege

Compromise From:

Remote

Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT 8.1
Windows 10
Windows Server 2016

Summary

Multiple vulnerabilities in Microsoft Windows could lead to varying impacts that include remote code execution, security feature bypass, information disclosure, denial of service, and escalatio of privilege. 

Detailed Description

Microsoft has released a security update to address multiple vulnerabilities found in the Windows systems. A total of six vulnerabilities were identified, each caused by varying factor and each could lead to a different impact: 

  1. A vulnerability in the Device Guard caused by improper validation of elements in a signed PowerShell script could allow security feature bypass.
  2. A vulnerability in the Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) caused by improper handling of requests could allow denial of service. 
  3. A vulnerability in Microsoft Windows caused by improper validation of input when loading dynamic link library (DLL) files could allow remote code execution.
  4. A vulnerability in Windows DNS client caused by improper handling of requests could allow information disclosure. 
  5. A vulnerability in Windows HelpPane caused by improper authentication of the client could allow escalation of privilege. To successfully exploit this vulnerability, the attacker must first log on to the system. 
  6. A vulnerability in the iSNS Server caused by improper validation of input from the client could allow remote code execution. 

All of the issues mentioned above has been rectified in the latest security update by making corrective modifications on applicable components. 

CVE Reference

CVE-2017-0007, CVE-2017-0016, CVE-2017-0039, CVE-2017-0057, CVE-2017-0100, CVE-2017-0104

Solution

Install the latest security patch for applicable system, available for download from https://technet.microsoft.com/en-us/library/security/MS17-012

Source

Microsoft Security Bulletin MS17-012