Hello All,

Microsoft has fixed the *48 *security vulnerabilities as part of August 2017 Patch Tuesday. Most of the them allows the *remote code execution*. According to severity, *25 *are rated
*Critical*, *21 *are *Important *and *two* are *Moderate*.

These vulnerabilities impact all supported versions of *Microsoft's Windows operating systems*
 and following softwares:
* - Internet Explorer,**
** - Microsoft Edge,**
** - Microsoft SharePoint,**
** - Adobe Flash Player and**
** - Microsoft SQL Server.*

The most serious RCE vulnerability (*CVE-2017-8620*) is related to how*Windows Search* handles objects in memory. Attacker who successfully exploited this vulnerability could
take control of the affected system.

A second RCE (rated important) is tied to*Windows Hyper-V***(*CVE-2017-8664*) and exists when a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker who successfully exploited the vulnerability could execute
arbitrary code on the host operating system.

Microsoft has also released critical security updates for the Adobe Flash Player for*Internet
Explorer*, although Flash Player reach EOL at the end of 2020.

We have now created the NVTs to detect all these vulnerabilities(soon will be update into feed), Please do scan with updated feed to detect the vulnerabilities and strongly recommended to
apply security patches as soon as possible to stay secure.

Antu Sanadi

Openvas-discuss mailing list

Reply via email to