Microsoft Windows: CVE-2017-8695: Windows Uniscribe Information Disclosure Vulnerability
Description
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to obtain information to further compromise a user's system via a specially crafted document or an untrusted webpage, aka "Graphics Component Information Disclosure Vulnerability."
Solution(s)
- microsoft-windows-windows_10-1507-kb4038781
- microsoft-windows-windows_10-1511-kb4038783
- microsoft-windows-windows_10-1607-kb4038782
- microsoft-windows-windows_10-1703-kb4038788
- microsoft-windows-windows_server_2012-kb4038786
- microsoft-windows-windows_server_2012_r2-kb4038793
- microsoft-windows-windows_server_2016-1607-kb4038782
- msft-kb3213568-1bb10bc4-248b-48d3-8dc8-600ee9d9814d
- msft-kb3213568-468d1c07-9a77-429c-9d62-23022ed7e8fa
- msft-kb3213638-dfdbbd55-fdc3-47ad-8570-c68aaf946fe9
- msft-kb3213638-f242d798-dc9f-48ed-b493-f033a4999345
- msft-kb3213641-d0955758-bb02-4421-bd68-9c1819c98c29
- msft-kb4011107-00ad99ce-edc3-4a7a-924f-537f2ffcbe76
- msft-kb4011107-7f41e080-1a96-4fb6-bf7c-dcbf07343e6b
- msft-kb4011134-bf3b0d7f-f1d9-487c-93ab-624e982ea6ab
- msft-kb4025865-215c87d1-956c-450b-9102-264e9c4f10af
- msft-kb4025865-26ee1609-086b-47b2-ab8c-8903f01fac2a
- msft-kb4025866-22f9cca3-1c65-4e58-9549-575c3056a84c
- msft-kb4038779-1070c9d0-e91b-4bc4-b7b9-a64dd8e76951
- msft-kb4038779-1f7d6ab2-b81a-4f48-859a-706a9990c78c
- msft-kb4038779-3de7a78a-5b97-4df7-8bf6-36ebe20d3c75
- msft-kb4038779-530b9069-0208-4eef-add4-da2b473e9ef8
- msft-kb4038779-bb0be51a-f352-4d5f-b522-7d85d6e18585
- msft-kb4038779-fcccb9ba-857f-484e-83be-fd0685a31efb
- msft-kb4038786-2ac4d3a4-287f-4f33-bb61-b7b81245f55b
- msft-kb4038786-793b7e3e-090e-472e-b275-b520b5832a77
- msft-kb4038793-8c3d7238-564c-4ed3-ae6f-e3d9881f6f5f
- msft-kb4038793-d97e9753-f904-44d9-87a2-35cbf248aef4
- msft-kb4039384-01fdbbba-0a44-4250-947b-23500f80be96
- msft-kb4039384-2ce7ed93-2244-43ed-afb7-f92c0122c5a8
- msft-kb4039384-a616b2f4-a421-48cb-ab7c-eeb73f9ec042
- msft-kb4039384-e2695aa7-d9ac-4fc4-b8c5-8dbb3c972a43
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center