Windows远程及本地信息泄露漏洞可获取敏感信息

2018-06-11    来源:

容器云强势上线!快速搭建集群,上万Linux镜像随意使用

      Windows爆出 信息泄露漏洞 ,CVEID CVE-2017-11832,攻击者可以利用这个问题获取敏感信息,从而有助于发起进一步攻击。受影响的系统包括Windows 2012、Windows 2008及R2、Win7等版本。

      另外,Windows内核也爆出本地信息泄露漏洞,CVEID CVE-2017-11853,本地攻击者可以利用此问题获取可能导致进一步攻击的敏感信息。受影响系统包括Win8.1、Win10、Windows 2008、Windows 2012、Windows 2016等版本。

Microsoft Windows信息泄露漏洞 CVE-2017-11832

      SecurityFocus评价:

微软Windows很容易出现信息泄露漏洞。攻击者可以利用这个问题获取敏感信息,从而有助于发起进一步攻击。

Bugtraq ID: 101726
Class: Design Error
CVE: CVE-2017-11832
Remote: Yes
Local: No
Published: Nov 14 2017 12:00AM
Updated: Nov 15 2017 12:07AM
Credit: Wayne Low (@x9090) of Fortinetâ??s FortiGuard Lab.
Vulnerable: Microsoft Windows Server 2012 0 
Microsoft Windows Server 2008 R2 for x64-based Systems SP1 
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 
Microsoft Windows Server 2008 for x64-based Systems SP2 
Microsoft Windows Server 2008 for Itanium-based Systems SP2 
Microsoft Windows Server 2008 for 32-bit Systems SP2 
Microsoft Windows 7 for x64-based Systems SP1 
Microsoft Windows 7 for 32-bit Systems SP1
 
Not Vulnerable:


Microsoft Windows内核本地信息泄露漏洞CVE-2017-11853

      SecurityFocus评价

微软Windows容易出现本地信息泄露漏洞。本地攻击者可以利用此问题获取可能导致进一步攻击的敏感信息

Bugtraq ID: 101764
Class: Design Error
CVE: CVE-2017-11853
Remote: No
Local: Yes
Published: Nov 14 2017 12:00AM
Updated: Nov 15 2017 12:07AM
Credit: Mateusz Jurczyk of Google Project Zero.
Vulnerable: Microsoft Windows Server 2016 0 
Microsoft Windows Server 2012 R2 0 
Microsoft Windows Server 2012 0 
Microsoft Windows Server 2008 R2 for x64-based Systems SP1 
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 
Microsoft Windows Server 2008 for x64-based Systems SP2 
Microsoft Windows Server 2008 for Itanium-based Systems SP2 
Microsoft Windows Server 2008 for 32-bit Systems SP2 
Microsoft Windows RT 8.1 
Microsoft Windows 8.1 for x64-based Systems 0 
Microsoft Windows 8.1 for 32-bit Systems 0 
Microsoft Windows 10 version 1709 for x64-based Systems 0 
Microsoft Windows 10 version 1709 for 32-bit Systems 0 
Microsoft Windows 10 version 1703 for x64-based Systems 0 
Microsoft Windows 10 version 1703 for 32-bit Systems 0 
Microsoft Windows 10 Version 1607 for x64-based Systems 0 
Microsoft Windows 10 Version 1607 for 32-bit Systems 0 
Microsoft Windows 10 version 1511 for x64-based Systems 0 
Microsoft Windows 10 version 1511 for 32-bit Systems 0 
Microsoft Windows 10 for x64-based Systems 0 
Microsoft Windows 10 for 32-bit Systems 0
 
Not Vulnerable:

 

转自:http://toutiao.secjia.com/windows-idv-cve-2017-11832

标签: Google 漏洞 问题

版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点!
本站所提供的图片等素材,版权归原作者所有,如需使用,请与原作者联系。

上一篇:勒索软件Locky现新型变种

下一篇:微软:银行木马Qakbot和Emote瞄准企业/家庭用户展开攻击