Microsoft has fixed the *48 *security vulnerabilities as part of August
2017 Patch Tuesday.
Most of the them allows the *remote code execution*. According to
severity, *25 *are rated
*Critical*, *21 *are *Important *and *two* are *Moderate*.
These vulnerabilities impact all supported versions of *Microsoft's
Windows operating systems*
and following softwares:
* - Internet Explorer,**
** - Microsoft Edge,**
** - Microsoft SharePoint,**
** - Adobe Flash Player and**
** - Microsoft SQL Server.*
The most serious RCE vulnerability (*CVE-2017-8620*) is related to
handles objects in memory. Attacker who successfully exploited this
take control of the affected system.
A second RCE (rated important) is tied to*Windows
Hyper-V***(*CVE-2017-8664*) and exists
when a host server fails to properly validate input from an
authenticated user on a guest
operating system. An attacker who successfully exploited the
vulnerability could execute
arbitrary code on the host operating system.
Microsoft has also released critical security updates for the Adobe
Flash Player for*Internet
Explorer*, although Flash Player reach EOL at the end of 2020.
We have now created the NVTs to detect all these vulnerabilities(soon
will be update into feed),
Please do scan with updated feed to detect the vulnerabilities and
strongly recommended to
apply security patches as soon as possible to stay secure.
Openvas-discuss mailing list