Information disclosure in Microsoft XML Core Services

Published: 2017-03-14 00:00:00 | Updated: 2017-03-14
Severity: High
Patch available: YES
Number of vulnerabilities: 1
CVE ID: CVE-2017-0022
CVSSv3: 4.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C]
CWE ID: CWE-200
Exploitation vector: Network
Public exploit: This vulnerability is being exploited in the wild.
Vulnerable software: Microsoft XML Core Services
Vulnerable software versions: Microsoft XML Core Services 3.0
Vendor URL: Microsoft

Security Advisory

1) Information disclosure

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to improper handling of objects in memory by Microsoft XML Core Services (MSXML). A remote unauthenticated attacker can create a specially crafted Web site, trick the victim into visiting it and test for the presence of files on disk.

Successful exploitation of this vulnerability results in information disclosure.

Note: the vulnerability was being actively exploited.

Remediation

Install the update from the vendor's website:

Windows Vista Service Pack 2:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916
Windows Vista x64 Edition Service Pack 2:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916

Windows Server 2008 for 32-bit Systems Service Pack 2:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916
Windows Server 2008 for x64-based Systems Service Pack 2:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916
Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916

Windows 7 for 32-bit Systems Service Pack 1 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows 7 for 32-bit Systems Service Pack 1 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215
Windows 7 for x64-based Systems Service Pack 1 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows 7 for x64-based Systems Service Pack 1 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215

Windows Server 2008 R2 for x64-based Systems Service Pack 1 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows Server 2008 R2 for x64-based Systems Service Pack 1 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215

Windows 8.1 for 32-bit Systems Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213
Windows 8.1 for 32-bit Systems Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216
Windows 8.1 for x64-based Systems Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213
Windows 8.1 for x64-based Systems Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216

Windows Server 2012 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012214
Windows Server 2012 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012217
Windows Server 2012 R2 Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213
Windows Server 2012 R2 Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216

Windows 10 for 32-bit Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606
Windows 10 for x64-based Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606
Windows 10 Version 1511 for 32-bit Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013198
Windows 10 Version 1511 for x64-based Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013198
Windows 10 Version 1607 for 32-bit Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429
Windows 10 Version 1607 for x64-based Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429

Windows Server 2016 for x64-based Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation):
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation):
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3216916
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215
Windows Server 2012 (Server Core installation) Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012214
Windows Server 2012 (Server Core installation) Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012217
Windows Server 2012 R2 (Server Core installation) Security Only:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213
Windows Server 2012 R2 (Server Core installation) Monthly Rollup:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216
Windows Server 2016 for x64-based Systems:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429
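
A way to check a host against the list above (an added example, not part of the original advisory): the function name `Test-Cve20170022Fix` is hypothetical, the KB numbers come from this page, and the mapping from Windows version and build numbers to the listed products is an assumption of the sketch.

```powershell
# Added example: report whether a KB listed in this advisory is installed.
# KB numbers are from the remediation list; the version/build mapping is assumed.
function Test-Cve20170022Fix {
    $os  = Get-WmiObject -Class Win32_OperatingSystem
    $ver = [version]$os.Version

    # Map the running OS to the KBs the advisory lists for it.
    $kbs = @(switch ("$($ver.Major).$($ver.Minor)") {
        '6.0'  { 'KB3216916' }                  # Vista SP2 / Server 2008 SP2
        '6.1'  { 'KB4012212', 'KB4012215' }     # Windows 7 SP1 / Server 2008 R2 SP1
        '6.2'  { 'KB4012214', 'KB4012217' }     # Server 2012
        '6.3'  { 'KB4012213', 'KB4012216' }     # Windows 8.1 / Server 2012 R2
        '10.0' {
            switch ($ver.Build) {
                10240 { 'KB4012606' }           # Windows 10 (initial release)
                10586 { 'KB4013198' }           # Windows 10 Version 1511
                14393 { 'KB4013429' }           # Windows 10 1607 / Server 2016
            }
        }
    })

    if ($kbs.Count -eq 0) {
        Write-Output "No KB in this advisory maps to $($os.Caption) ($ver)."
        return
    }

    # Get-HotFix raises a non-terminating error for each KB it does not find.
    $found = @(Get-HotFix -Id $kbs -ErrorAction SilentlyContinue)

    if ($found.Count -gt 0) {
        Write-Output "Installed: $($found.HotFixID -join ', ')"
    } else {
        # Later rollups and cumulative updates replace these KBs, so absence
        # here is not proof that the host is unpatched.
        Write-Output "Not found: $($kbs -join ', '). Check update history for a superseding update."
    }
}

Test-Cve20170022Fix
```

A "Not found" result needs manual confirmation, because a later Monthly Rollup or cumulative update can supersede the KBs listed here.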

External links

https://technet.microsoft.com/en-us/library/security/MS17-022
