Fala galera beleza?
A Microsoft lançou essa semana uma lista de vulnerabilidades em cima de diversos sistemas e programas, inclusive um zero-day no Microsoft Word a partir da versão 2007 (provavelmente você e a sua empresa estão correndo risco sem essa atualização), além disso, temos vulnerabilidades diversas no IE, Edge, SMB e mais, segue uma tabela completa:
| Tag | CVE ID | CVE Title |
| Device Guard | CVE-2017-8715 | Windows Security Feature Bypass Vulnerability |
| Device Guard | CVE-2017-11823 | Microsoft Windows Security Feature Bypass |
| Internet Explorer | CVE-2017-11790 | Internet Explorer Information Disclosure Vulnerability |
| Internet Explorer | CVE-2017-11810 | Scripting Engine Memory Corruption Vulnerability |
| Internet Explorer | CVE-2017-11822 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2017-11813 | Internet Explorer Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2017-8726 | Microsoft Edge Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2017-11794 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2017-11816 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2017-11763 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2017-11762 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2017-11824 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2017-8693 | Microsoft Graphics Information Disclosure Vulnerability |
| Microsoft JET Database Engine | CVE-2017-8718 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2017-8717 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2017-11776 | Microsoft Outlook Information Disclosure Vulnerability |
| Microsoft Office | CVE-2017-11775 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office | CVE-2017-11774 | Microsoft Outlook Security Feature Bypass Vulnerability |
| Microsoft Office | CVE-2017-11777 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office | CVE-2017-11826 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Office | CVE-2017-11825 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | ADV170017 | Office Defense in Depth Update |
| Microsoft Office | CVE-2017-11786 | Skype for Business Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2017-11820 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11798 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11799 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11809 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11796 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11797 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11806 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11800 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11808 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11807 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11805 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11804 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11811 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11801 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11802 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11812 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11821 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11793 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11792 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2017-11818 | Windows Storage Security Feature Bypass Vulnerability |
| Microsoft Windows | ADV170016 | Windows Server 2008 Defense in Depth |
| Microsoft Windows | CVE-2017-11783 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2017-11769 | TRIE Remote Code Execution Vulnerability |
| Microsoft Windows DNS | CVE-2017-11779 | Windows DNSAPI Remote Code Execution Vulnerability |
| Microsoft Windows Search Component | CVE-2017-11772 | Microsoft Search Information Disclosure Vulnerability |
| Microsoft Windows Search Component | CVE-2017-11771 | Windows Search Remote Code Execution Vulnerability |
| Windows Kernel | CVE-2017-11784 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11817 | Windows Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11814 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11765 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11785 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel-Mode Drivers | CVE-2017-8694 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel-Mode Drivers | CVE-2017-8689 | Win32k Elevation of Privilege Vulnerability |
| Windows NTLM | ADV170014 | Optional Windows NTLM SSO authentication changes |
| Windows Shell | CVE-2017-8727 | Windows Shell Memory Corruption Vulnerability |
| Windows Shell | CVE-2017-11819 | Windows Shell Remote Code Execution Vulnerability |
| Windows SMB Server | CVE-2017-11815 | Windows SMB Information Disclosure Vulnerability |
| Windows SMB Server | CVE-2017-11782 | Windows SMB Elevation of Privilege Vulnerability |
| Windows SMB Server | CVE-2017-11781 | Windows SMB Denial of Service Vulnerability |
| Windows SMB Server | CVE-2017-11780 | Windows SMB Remote Code Execution Vulnerability |
| Windows Subsystem for Linux | CVE-2017-8703 | Windows Subsystem for Linux Denial of Service Vulnerability |
| Windows TPM | ADV170012 | Vulnerability in TPM could allow Security Feature Bypass |
| Windows Update | CVE-2017-11829 | Windows Update Delivery Optimization Elevation of Privilege Vulnerability |
Abaixo a lista completa com todas as informações:
Link:
Abraços
Nenhum comentário:
Postar um comentário