CVE-2017-8591
published 2017-08-08CVE-2017-8591: Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server…
PriorityP344high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
3.97%
89.2th percentile
Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects in memory, aka "Windows IME Remote Code Execution Vulnerability".
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | windows_shell | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_10_version_1703_for_32-bit_systems | — | — |
| msrc | windows_10_version_1703_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows IME Remote Code Execution Vulnerability
vendor_msrc·2017-08-08·CVSS 8.8
CVE-2017-8591 [HIGH] Windows IME Remote Code Execution Vulnerability
Windows IME Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class.
The DCOM server is a Windows component installed regardless of which languages/IMEs are enabled. An attacker can instantiate the DCOM class and exploit the system even if IME is not enabled.
To exploit this vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses this vulnerability by correcting how Windows IME handles parameters in a method of a DCOM class.
Windows Shell: Windows Shell
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;O
GHSA
GHSA-phgj-7rc6-g54r: Windows Input Method Editor (IME) in Windows 8
ghsa_unreviewed·2022-05-13
CVE-2017-8591 [HIGH] GHSA-phgj-7rc6-g54r: Windows Input Method Editor (IME) in Windows 8
Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects in memory, aka "Windows IME Remote Code Execution Vulnerability".
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday - August 2017
blogs_talos·2017-08-08·CVSS 7.8
[HIGH] Microsoft Patch Tuesday - August 2017
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 48 new vulnerabilities with 25 of them rated critical, 21 rated important, and 2 rated moderate. These vulnerabilities impact Edge, Hyper-V, Internet Explorer, Remote Desktop Protocol, Sharepoint, SQL Server, the Windows Subsystem for Linux, and more. In addition, Microsoft is also releasing an update for Adobe Flash Player embedded in Edge and Internet Explorer.
## Vulnerabilities Rated Critical The following vulnerabilities are rated "critical" by Microsoft:
- CVE-2017-8653 - Microsoft Browser Memory Corruption Vulnerability
- CVE-2017-8669 - Microsoft Browser Memory Corruption Vulnerability
- CVE-2017-866
Talos
Microsoft Patch Tuesday - August 2017
blogs_talos·2017-08-08·CVSS 7.8
[HIGH] Microsoft Patch Tuesday - August 2017
## Microsoft Patch Tuesday - August 2017
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 48 new vulnerabilities with 25 of them rated critical, 21 rated important, and 2 rated moderate. These vulnerabilities impact Edge, Hyper-V, Internet Explorer, Remote Desktop Protocol, Sharepoint, SQL Server, the Windows Subsystem for Linux, and more. In addition, Microsoft is also releasing an update for Adobe Flash Player embedded in Edge and Internet Explorer.
## Vulnerabilities Rated Critical The following vulnerabilities are rated "critical" by Microsoft:
CVE-2017-8653 - Microsoft Browser Memory Corruption Vulnerability
CVE-2017-8669 - Microsoft Browser Memory
http://www.securityfocus.com/bid/99430http://www.securitytracker.com/id/1039097https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8591http://www.securityfocus.com/bid/99430http://www.securitytracker.com/id/1039097https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8591
2017-08-08
Published