Multiple information disclosure vulnerabilities in Windows kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2017-8679 CVE-2017-8708 CVE-2017-8709 CVE-2017-8719 |
| CWE-ID | CWE-200 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU8309
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-8679
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to obtain potentially sensitive information.
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. A local user can gain access to potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8679
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU8310
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-8708
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to obtain potentially sensitive information.
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. A local user can gain access to potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8708
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Information disclosure
EUVDB-ID: #VU8312
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-8709
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to obtain potentially sensitive information.
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. A local user can gain access to potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8709
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU8313
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-8719
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to obtain potentially sensitive information.
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. A local user can gain access to potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8719
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
