MS17-017: Security Update for Windows Kernel (4013081)

High Nessus Plugin ID 97733

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 8.9

Synopsis

The remote Windows host is affected multiple elevation of privilege vulnerabilities.

Description

The remote Windows host is missing a security update. It is, therefore, affected by multiple elevation of privilege vulnerabilities :

- An elevation of privilege vulnerability exists in the Windows Kernel API due to improper enforcement of permissions. A local attacker can exploit this, via a specially crafted application, to run processes in an elevated context. (CVE-2017-0050)

- An elevation of privilege vulnerability exists in the Windows Transaction Manager due to improper handling of objects in memory. A local attacker can exploit this, via a specially crafted application, to run processes in an elevated context. (CVE-2017-0101)

- An elevation of privilege vulnerability exists due to a failure to check the length of a buffer prior to copying memory. A local attacker can exploit this, by copying a file to a shared folder or drive, to gain elevated privileges. (CVE-2017-0102)

- An elevation of privilege vulnerability exists in the Windows Kernel API due to improper handling of objects in memory. A local attacker can exploit this, via a specially crafted application, to gain elevated privileges. (CVE-2017-0103)

Solution

Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.

See Also

https://technet.microsoft.com/library/security/ms17-017

Plugin Details

Severity: High

ID: 97733

File Name: smb_nt_ms17-017.nasl

Version: 1.10

Type: local

Agent: windows

Published: 2017/03/14

Updated: 2018/07/30

Dependencies: 13855, 93962, 57033

Risk Information

Risk Factor: High

VPR Score: 8.9

CVSS v2.0

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSS v3.0

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/03/14

Vulnerability Publication Date: 2017/03/14

Reference Information

CVE: CVE-2017-0050, CVE-2017-0101, CVE-2017-0102, CVE-2017-0103

BID: 96025, 96623, 96625, 96627

MSFT: MS17-017

MSKB: 4011981, 4012212, 4012213, 4012214, 4012215, 4012216, 4012217, 4012606, 4013198, 4013429

IAVA: 2017-A-0068