Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-8592: Microsoft Browser Security Feature Bypass Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-8592: Microsoft Browser Security Feature Bypass Vulnerability

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
07/11/2017
Created
07/25/2018
Added
07/11/2017
Modified
09/11/2024

Description

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, aka "Microsoft Browser Security Feature Bypass".

Solution(s)

  • microsoft-windows-windows_10-1507-kb4025338
  • microsoft-windows-windows_10-1511-kb4025344
  • microsoft-windows-windows_10-1607-kb4025339
  • microsoft-windows-windows_10-1703-kb4025342
  • microsoft-windows-windows_server_2012-kb4025252
  • microsoft-windows-windows_server_2012-kb4025343
  • microsoft-windows-windows_server_2012_r2-kb4025252
  • microsoft-windows-windows_server_2012_r2-kb4025333
  • microsoft-windows-windows_server_2012_r2-kb4025336
  • microsoft-windows-windows_server_2016-1607-kb4025339
  • msft-kb4025240-4e1bec8c-1654-4d99-9dc2-9aa350e275d3
  • msft-kb4025240-61b294a0-bbc1-4b9a-acf7-3c7b7b311c0c
  • msft-kb4025240-dbc58e04-f558-44dd-80e5-6b3be9a62cf9
  • msft-kb4025240-e07ff6f6-5aba-4bf7-add4-8d4619bea9f8
  • msft-kb4025252-0560e935-d1e8-4ba3-994c-ad4c9fbba193
  • msft-kb4025252-0fbcc431-af61-46fe-9e46-43148b2b4858
  • msft-kb4025252-13f093d6-1214-437e-a50d-d93ad3930726
  • msft-kb4025252-1a89b6e6-9946-4f18-9426-5736b831024c
  • msft-kb4025252-1d7ccb76-11aa-4d27-8f43-bb0cc197e878
  • msft-kb4025252-28c3a340-a3cb-415e-8c4b-5e3aa02f960f
  • msft-kb4025252-40e0bc36-0f49-4fae-bd3e-b39209fbe5b9
  • msft-kb4025252-92358781-468f-4e44-ac39-7b4cd45f3523
  • msft-kb4025252-971d0291-5650-47f0-977d-7f120a2ad93f
  • msft-kb4025252-9d898637-87b8-42d2-851b-a6a4929ff4e2
  • msft-kb4025252-bfd6cbcd-0b71-4fd4-9150-d0a51185cec6
  • msft-kb4025252-d8ed3f28-404c-4d7f-be83-70259a0af517
  • msft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2
  • msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696
  • msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839
  • msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62
  • msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3
  • msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303
  • msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1
  • msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584
  • msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888
  • msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30ab

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;