CVE-2017-0165
published 2017-04-12CVE-2017-0165: An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server…
PriorityP346high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
3.34%
87.1th percentile
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | windows | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012_r2 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc6.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9q7j-h8c8-7wrw: An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8
ghsa_unreviewed·2022-05-13
CVE-2017-0165 [HIGH] GHSA-9q7j-h8c8-7wrw: An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."
Microsoft
Windows Elevation of Privilege Vulnerability
vendor_msrc·2017-04-11·CVSS 6.6
CVE-2017-0165 [HIGH] Windows Elevation of Privilege Vulnerability
Windows Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when Microsoft Windows fails to properly sanitize handles in memory.
An attacker who successfully exploited the vulnerability could run arbitrary code as System. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to elevate privileges. The update addresses the vulnerability by correcting how Windows sanitizes handles in memory.
Microsoft Windows: Microsoft Windows
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:
No detection rules found.
Talos
Microsoft Patch Tuesday - April 2017
blogs_talos·2017-04-12·CVSS 7.8
CVE-2017-0106 [HIGH] Microsoft Patch Tuesday - April 2017
## Microsoft Patch Tuesday - April 2017
It’s that time again! Today we bring you April’s Microsoft Patch Tuesday information. These fixed vulnerabilities affect Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.
## Bulletins Rated Critical
CVE-2017-0106 outlines a vulnerability in Microsoft Word. It permits the bypass of security features when document loading is done via Outlook attachments for certain crafted emails. Successful exploitation of this issue may grant an attacker remote code execution.
CVE-2017-0158 details a vulnerability caused by certain malicious HTML files with VBScript content. Successful exploitation of this issue may grant an attacker remote code execution.
CVE-2017-0160 outlines a compromised WMI server accessed over DCOM using System.Manage
Talos
Microsoft Patch Tuesday - April 2017
blogs_talos·2017-04-12·CVSS 7.8
CVE-2017-0106 [HIGH] Microsoft Patch Tuesday - April 2017
It’s that time again! Today we bring you April’s Microsoft Patch Tuesday information. These fixed vulnerabilities affect Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.
### Bulletins Rated Critical
CVE-2017-0106 outlines a vulnerability in Microsoft Word. It permits the bypass of
security features when document loading is done via Outlook attachments for
certain crafted emails. Successful exploitation of this issue may grant an
attacker remote code execution.
CVE-2017-0158 details a vulnerability caused by certain malicious HTML files with VBScript content. Successful exploitation of this issue may grant an attacker remote code execution.
CVE-2017-0160 outlines a compromised WMI server accessed over DCOM using System.Management classes or the Powershell Get-WmiOb
Zscaler
Zscaler protects against 16 new vulnerabilities for MS
blogs_zscaler·CVSS 7.8
[HIGH] Zscaler protects against 16 new vulnerabilities for MS
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
http://www.securityfocus.com/bid/97467http://www.securitytracker.com/id/1038239https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165https://www.exploit-db.com/exploits/41901/http://www.securityfocus.com/bid/97467http://www.securitytracker.com/id/1038239https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165https://www.exploit-db.com/exploits/41901/
2017-04-12
Published