Msrc Windows 7 vulnerabilities

CVE-2017-0272 [HIGH] Windows SMB Remote Code Execution Vulnerability Windows SMB Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted pac

CVE-2017-0276 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0269 [MEDIUM] Windows SMB Denial of Service Vulnerability Windows SMB Denial of Service Vulnerability Description: A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to stop responding until it is manually restarted. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests t

CVE-2017-0267 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0280 [MEDIUM] Windows SMB Denial of Service Vulnerability Windows SMB Denial of Service Vulnerability Description: A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to stop responding until it is manually restarted. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests t

CVE-2017-0277 [HIGH] Windows SMB Remote Code Execution Vulnerability Windows SMB Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted pac

CVE-2017-0274 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0271 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0268 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0263 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnera

CVE-2017-0278 [HIGH] Windows SMB Remote Code Execution Vulnerability Windows SMB Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted pac

CVE-2017-0270 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0273 [MEDIUM] Windows SMB Denial of Service Vulnerability Windows SMB Denial of Service Vulnerability Description: A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to stop responding until it is manually restarted. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests t

CVE-2017-0275 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attac

CVE-2017-0258 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses t

CVE-2017-0077 [HIGH] Dxgkrnl.sys Elevation of Privilege Vulnerability Dxgkrnl.sys Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. An attacker who successfully exploited this vulnerability could run processes in an elevated context. On sy

CVE-2017-0190 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combina

CVE-2017-0246 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnera

CVE-2017-0214 [HIGH] Windows COM Elevation of Privilege Vulnerability Windows COM Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when Windows fails to properly validate input before loading type libraries. An attacker could use this vulnerability to elevate their privilege level. To exploit this vulnerability an attacker would first need to have access to the local system and have the ability to execute a malicious application. The update correc

CVE-2017-0213 [HIGH] Windows COM Elevation of Privilege Vulnerability Windows COM Elevation of Privilege Vulnerability Description: An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run