{"id":191373,"date":"2017-06-14T00:22:46","date_gmt":"2017-06-13T22:22:46","guid":{"rendered":"http:\/\/www.borncity.com\/blog\/?p=191373"},"modified":"2023-04-11T07:14:07","modified_gmt":"2023-04-11T05:14:07","slug":"microsoft-sicherheits-advisory-juni-2017","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2017\/06\/14\/microsoft-sicherheits-advisory-juni-2017\/","title":{"rendered":"Microsoft Sicherheits-Advisory Juni 2017"},"content":{"rendered":"

Zum 13. Juni 2017 hat Microsoft ein Sicherheits-Advisory<\/a> herausgegeben, welches \u00fcber 15 kritische Sicherheitsl\u00fccken informiert, die beim Patchday geschlossen wurden.<\/p>\n

<\/p>\n

\"\"Die ben\u00f6tigten Updates kommen per Windows Update, per WSUS oder SCCM oder lassen sich aus dem Microsoft Update Catalog herunterladen. Nachfolgend findet sich aber nur die Liste der Sicherheitsl\u00fccken, die im Juni 2017 adressiert wurden.<\/p>\n

MS08-067<\/a>: Vulnerability in Server Service Could Allow Remote Code Execution (958644)<\/strong>
\nThis security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft, Windows XP and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

MS09-050<\/a>: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)<\/strong>
\nThis security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

MS10-061<\/a>: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)<\/strong>
\nThis security update resolves a publicly disclosed vulnerability in the Print Spooler service. The vulnerability could allow remote code execution if an attacker sends a specially crafted print request to a vulnerable system that has a print spooler interface exposed over RPC. By default, printers are not shared on any currently supported Windows operating system.<\/p>\n

Critical -Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

MS14-068<\/a>: Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)<\/strong>
\nThis security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only.<\/p>\n

Critical – Elevation of Privilege – Restart required
\nMicrosoft Windows<\/p>\n

MS17-010<\/a>: Security Update for Microsoft Windows SMB Server (4013389)<\/strong>
\nThis security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

MS17-013<\/a>: Security Update for Microsoft Graphics Component (4013075)
\n<\/strong>This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-0176: Remote Desktop Protocol Remote Code Execution Vulnerability (CVE-2017-0176 )
\n<\/strong>A remote code execution vulnerability exists in Remote Desktop Protocol (RDP) if the RDP server has Smart Card authentication enabled. An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-0222<\/a>: Internet Explorer Memory Corruption Vulnerability (CVE-2017-0222)
\n<\/strong>A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Critical – Remote Code Execution – Restart required<\/p>\n

Microsoft Internet Explorer<\/p>\n

CVE-2017-0267 – CVE-2017-0280<\/a>: Security Update for Microsoft Windows SMB (CVEs 2017-0267 through 2017-0280<\/strong>
\nSecurity updates exist in Microsoft Windows SMB. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted packets to a Microsoft Server Message Block 1.0 (SMBv1) server.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-7269: WebDAV Remote Code Execution Vulnerability (CVE-2017-7269)
\n<\/strong>A vulnerability exists in IIS when WebDAV improperly handles objects in memory, which could allow an attacker to run arbitrary code on the user's system. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-8461: Windows RPC Remote Code Execution Vulnerability (CVE-2017-8461)<\/strong>
\nA remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-8464<\/a>: LNK Remote Code Execution Vulnerability (CVE-2017-8464)<\/strong>
\nA remote code execution exists in Microsoft Windows that could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-8487: Windows olecnv32.dll Remote Code Execution Vulnerability (CVE-2017-8487)
\n<\/strong>A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-8543: Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
\n<\/strong>A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Critical – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

CVE-2017-8552<\/a>: Win32k Elevation of Privilege Vulnerability<\/strong>
\nAn elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n

Important\u00a0 – Remote Code Execution – Restart required
\nMicrosoft Windows<\/p>\n

Details zu den Updates finden sich in folgenden Blog-Beitr\u00e4gen.<\/p>\n

\u00c4hnliche Artikel:
\n<\/strong>Microsoft Juni 2017 Patchday Kurz\u00fcbersicht<\/a>
\nMicrosoft Sicherheits-Advisory Juni 2017<\/a>
\nPatchday Juni 2017: Updates f\u00fcr Windows 7\/8.1<\/a>
\nPatchday Juni 2017: Updates f\u00fcr Windows 10<\/a>
\nOffice Sicherheits-Updates (13. Juni 2017)<\/a>
\nWeitere Sicherheits-Updates 13. Juni 2017<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Zum 13. Juni 2017 hat Microsoft ein Sicherheits-Advisory herausgegeben, welches \u00fcber 15 kritische Sicherheitsl\u00fccken informiert, die beim Patchday geschlossen wurden.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,301],"tags":[672,4328,3288],"class_list":["post-191373","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-windows","tag-microsoft","tag-sicherheit","tag-windows-en"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/191373","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=191373"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/191373\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=191373"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=191373"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=191373"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}