SynopsisThe remote Windows host has a browser plugin installed that is affected by multiple vulnerabilities.
DescriptionThe remote Windows host is missing security update KB4020821. It is, therefore, affected by multiple vulnerabilities :
- A use-after-free error exists that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3071)
- Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074)
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.