Microsoft Windows 10 vulnerabilities

CVE-2017-11772 [HIGH] CWE-200 CVE-2017-11772: The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to properly handle objects in memory, aka "Microsoft Search Information Disclo

CVE-2017-8694 [HIGH] CVE-2017-8694: The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege

CVE-2017-11782 [HIGH] CWE-20 CVE-2017-11782: The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allow The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability".

CVE-2017-8718 [HIGH] CVE-2017-8718: The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka "Microsoft JET Database Engine Remote Code Execution Vulnerabi

CVE-2017-11783 [HIGH] CVE-2017-11783: Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability".

CVE-2017-8717 [HIGH] CWE-119 CVE-2017-8717: The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka "Microsoft JET Database Engine Remote Code Execution V

CVE-2017-8727 [HIGH] CWE-119 CVE-2017-8727: Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka "Windows Shell Memor

CVE-2017-11779 [HIGH] CVE-2017-11779: The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2 The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability".

CVE-2017-8689 [HIGH] CVE-2017-8689: The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege

CVE-2017-11781 [HIGH] CWE-20 CVE-2017-11781: The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB D

CVE-2017-11780 [HIGH] CVE-2017-11780: The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a remote code execution vulnerability when it fails to properly handle certain requests, aka "Windows SMB Remote Code Execution

CVE-2017-8703 [MEDIUM] CWE-119 CVE-2017-8703: The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vu The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".

CVE-2017-11815 [MEDIUM] CWE-200 CVE-2017-11815: The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information

CVE-2017-11765 [MEDIUM] CWE-200 CVE-2017-11765: The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Informati

CVE-2017-11785 [MEDIUM] CVE-2017-11785: The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Discl

CVE-2017-11818 [MEDIUM] CWE-254 CVE-2017-11818: The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability".

CVE-2017-11829 [MEDIUM] CWE-552 CVE-2017-11829: Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.

CVE-2017-11823 [MEDIUM] CWE-362 CVE-2017-11823: The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 20 The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass".

CVE-2017-11816 [MEDIUM] CWE-200 CVE-2017-11816: The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Inf

CVE-2017-11814 [MEDIUM] CVE-2017-11814: The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Discl