Mcafee Foundstone Fsl Update

2017-JUL-11 FSL version 7.5.942

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

22040 - Oracle WebLogic Server Critical Patch Update April 2017

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-1181, CVE-2017-3506, CVE-2017-3531, CVE-2017-5638

Description Multiple vulnerabilities are present in some versions of Oracle WebLogic Server.

Observation Oracle WebLogic Server is a Java EE application server.

Multiple vulnerabilities are present in some versions of Oracle WebLogic Server. The flaws lie in several components. Successful exploitation could allow an attacker to retrieve sensitive data, cause a denial of service condition or remotely execute arbitrary code on the target system.

22081 - (MSPT-Jul2017) Microsoft Office Wordpad Remote Code Execution (CVE-2017-8588)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8588

Description A vulnerability in some versions of Microsoft Wordpad could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Wordpad could lead to remote code execution.

The flaw exists in the way that Microsoft WordPad parses specially crafted files. Successful exploitation by a remote attacker could result in the execution of arbitrary code.

22121 - (APSB17-21) Vulnerabilities In Adobe Flash Player

Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-3080, CVE-2017-3099, CVE-2017-3100

Description Multiple vulnerabilities are present in some versions of Adobe Flash Player. Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.

Multiple vulnerabilities are present in some versions of Adobe Flash Player. The flaws are due to several memory issues. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system or disclose private information.

The update provided by Adobe bulletin APSB17-21 resolves these issues. The target system is missing this update.

22122 - (APSB17-21) Vulnerabilities In Adobe Flash Player

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2017-3080, CVE-2017-3099, CVE-2017-3100

Description Multiple vulnerabilities are present in some versions of Adobe Flash Player.

Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.

The update provided by Adobe bulletin APSB17-21 resolves these issues. The target system is missing this update.

22080 - (MSPT-Jul2017) Microsoft Windows Powershell Remote Code Execution (CVE-2017-8565)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8565

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Powershell component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.

22055 - (MSPT-Jul2017) Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8594)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8594

Description A memory corruption vulnerability is present in some versions of Microsoft Internet Explorer.

Observation Internet Explorer is an Internet browser developed by Microsoft. A memory corruption vulnerability is present in some versions of Microsoft Internet Explorer. The flaw is due to improper handling of objects in memory. Successful exploitation could allow a remote attacker to execute arbitrary code in the context of the current user.

22057 - (MSPT-Jul2017) Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-8606)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8606

Description A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer and Edge.

Observation Internet Explorer and Edge are Internet browsers developed by Microsoft.

A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer and Edge. The flaw is due to improper handling of objects in memory. Successful exploitation could allow a remote attacker to execute arbitrary code in the context of the current user.

22058 - (MSPT-Jul2017) Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-8607)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8607

Description A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer and Edge.

Observation Internet Explorer and Edge are Internet browsers developed by Microsoft.

22059 - (MSPT-Jul2017) Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-8608)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8608

Description A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer and Edge.

Observation Internet Explorer and Edge are Internet browsers developed by Microsoft.

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8609

Description A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer.

Observation Internet Explorer is an Internet browser developed by Microsoft.

A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer. The flaw is due to improper handling of objects in memory. Successful exploitation could allow a remote attacker to execute arbitrary code in the context of the current user.

22061 - (MSPT-Jul2017) Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2017-8618)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8618

Description A remote code execution vulnerability is present in some versions of Microsoft Internet Explorer.

Observation Internet Explorer is an Internet browser developed by Microsoft.

22065 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution IV (CVE-2017-8595)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8595

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

The flaw lies in the Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email, or document.

22066 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution V (CVE-2017-8596)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8596

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22068 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution XIII (CVE-2017-8598)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8598

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22070 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution I (CVE-2017-8601)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8601

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22071 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution (CVE-2017-8603)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8603

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22072 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution VII (CVE-2017-8604)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8604

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22073 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution II (CVE-2017-8605)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8605

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22074 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution XII (CVE-2017-8610)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8610

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22076 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution III (CVE-2017-8617)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8617

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22077 - (MSPT-Jul2017) Microsoft Edge Scripting Engine Remote Code Execution VI (CVE-2017-8619)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8619

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

22082 - (MSPT-Jul2017) Microsoft Windows CLFS Privilege Escalation (CVE-2017-8590)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8590

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

The flaw exits when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. Successful exploitation could allow a local user to gain elevated privileges.

22091 - (MSPT-Jul2017) Microsoft Windows Explorer Remote Code Execution (CVE-2017-8463) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8463

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Explorer component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.

22095 - (MSPT-Jul2017) Microsoft Windows Search Remote Code Execution (CVE-2017-8589)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2017-8589

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Search component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.

22117 - Microsoft Windows Azure AD Connect Elevation of Privilege Vulnerability (4033453)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8613

Description A privilege escalation vulnerability is present in some versions of Microsoft Windows Azure AD Connect.

Observation Microsoft Windows Azure AD Connect is Microsoft connection software to Azure Active Directory.

A privilege escalation vulnerability is present in some versions of Microsoft Windows Azure AD Connect. The flaw is due to writeback been misconfigured during enablement. Successful exploitation could allow an attacker to reset passwords and access on-premises AD privileged user accounts.

22062 - (MSPT-Jul2017) Microsoft Asp.Net Information Disclosure Vulnerability (CVE-2017-8582

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8582

Description An information disclosure vulnerability is present in some versions of Microsoft ASP.NET.

Observation ASP.NET is a server-side web application framework developed by Microsoft.

An information disclosure vulnerability is present in some versions of Microsoft ASP.NET. The flaw is due to improper handling of objects in memory. Successful exploitation could allow a remote attacker to obtain sensitive information.

22063 - (MSPT-Jul2017) Microsoft .NET Denial of Service Vulnerability (CVE-2017-8585)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8585

Description A denial of service vulnerability is present in some versions of Microsoft .NET Framework.

Observation .NET Framework is a software framework developed by Microsoft.

A denial of service vulnerability is present in some versions of Microsoft .NET Framework. The flaw is due to improper handling of specially crafted web requests. Successful exploitation could allow a remote attacker to cause a denial of service.

22069 - (MSPT-Jul2017) Microsoft Edge Same Origin Policy Security Bypass (CVE-2017-8599)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8599

Description A vulnerability in some versions of Microsoft Edge could lead to security bypass.

Observation A vulnerability in some versions of Microsoft Edge could lead to security bypass.

The flaw lies in the Same Origin Policy component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the user to open a vulnerable website, email, or document.

22075 - (MSPT-Jul2017) Microsoft Edge HTTP Parsing Spoofing (CVE-2017-8611)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8611

Description A vulnerability in some versions of Microsoft Edge could lead to spoofing.

Observation A vulnerability in some versions of Microsoft Edge could lead to spoofing. The flaw lies in the HTTP Parsing component. Successful exploitation by a remote attacker could result in spoofing. The exploit requires the user to open a vulnerable website, email, or document.

22083 - (MSPT-Jul2017) Microsoft Windows Win32k Privilege Escalation V (CVE-2017-8581)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8581

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

A vulnerability is present in some versions of Microsoft Windows. The flaw lies in the Win32k component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.

22084 - (MSPT-Jul2017) Microsoft Windows Win32k Privilege Escalation IV (CVE-2017-8580)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8580

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22085 - (MSPT-Jul2017) Microsoft Windows Win32k Privilege Escalation III (CVE-2017-8578)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8578

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22086 - (MSPT-Jul2017) Microsoft Windows Win32k Privilege Escalation II (CVE-2017-8577) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8577

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22087 - (MSPT-Jul2017) Microsoft Windows Win32k Information Disclosure I (CVE-2017-8486)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8486

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

A vulnerability is present in some versions of Microsoft Windows. The flaw lies in the Win32k component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.

22088 - (MSPT-Jul2017) Microsoft Windows Win32k Privilege Escalation (CVE-2017-8467)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8467

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22089 - (MSPT-Jul2017) Microsoft Exchange Cross-Site Scripting Privilege Escalation I (CVE-2017-8559)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8559 Description A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.

The flaw exists when Windows improperly handles calls to Advanced Local Procedure Call. Successful exploitation could allow a local user to gain elevated privileges.

22090 - (MSPT-Jul2017) Microsoft Exchange Cross-Site Scripting Privilege Escalation II (CVE-2017-8560)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8560

Description A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.

The flaw exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. Successful exploitation could allow a local user to gain elevated privileges.

22092 - (MSPT-Jul2017) Microsoft Windows Explorer Denial of Service (CVE-2017-8587)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8587

Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

The flaw exists when Windows Explorer attempts to open a non-existent file. Successful exploitation by a remote attacker could result in a denial of service condition.

22093 - (MSPT-Jul2017) Microsoft Windows IME Privilege Escalation (CVE-2017-8566)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8566

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the IME component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.

22094 - (MSPT-Jul2017) Microsoft Exchange Open Redirect Vulnerability Spoofing Information Disclosure (CVE-2017-8621)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8621

Description A vulnerability in some versions of Microsoft Exchange could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Exchange could lead to information disclosure.

The flaw occurs in Microsoft Exchange and could lead to spoofing. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.

22099 - (MSPT-Jul2017) Microsoft Sharepoint Server Cross-Site Scripting Privilege Escalation (CVE-2017-8569)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8569

Description A vulnerability in some versions of Microsoft SharePoint Server could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Sharepoint Server could lead to privilege escalation.

The flaw exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Successful exploitation could allow a local user to gain elevated privileges.

22100 - (MSPT-Jul2017) Microsoft Windows Graphics Privilege Escalation I (CVE-2017-8556)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8556

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

A vulnerability is present in some versions of Microsoft Windows. The flaw lies in the Graphics component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.

22101 - (MSPT-Jul2017) Microsoft Windows Graphics Privilege Escalation II (CVE-2017-8573) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8573

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22102 - (MSPT-Jul2017) Microsoft Windows Graphics Privilege Escalation III (CVE-2017-8574)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8574

Description A vulnerability is present in some versions of Microsoft Windows.

Observation Microsoft Windows is a popular operating system.

22103 - (MSPT-Jul2017) Microsoft Office Memory Handling Remote Code Execution III (CVE-2017-0243)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-0243

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

The flaw exists in Microsoft Office software when the software fails to properly handle objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code.

22106 - (MSPT-Jul2017) Microsoft Office Memory Corruption Remote Code Execution I (CVE-2017-8501)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8501 Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

22107 - (MSPT-Jul2017) Microsoft Office Memory Corruption Remote Code Execution II (CVE-2017-8502)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8502

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

22108 - (MSPT-Jul2017) Microsoft Office Memory Handling Remote Code Execution II (CVE-2017-8570)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8570

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

22109 - (MSPT-Jul2017) Microsoft Windows Kerberos Privilege Escalation (CVE-2017-8563)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8563

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Kerberos component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.

22110 - (MSPT-Jul2017) Microsoft Windows Performance Monitor Information Disclosure (CVE-2017-0170)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-0170

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to information disclosure. The flaw lies in the Performance Monitor component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.

22111 - (MSPT-Jul2017) Microsoft Windows Kerberos Security Bypass (CVE-2017-8495)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8495

Description A vulnerability in some versions of Microsoft Windows could lead to security bypass.

Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to security bypass. The flaw lies in the Kerberos component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the attacker to have valid credentials to the vulnerable system.

22112 - (MSPT-Jul2017) Microsoft Windows System Information Console Information Disclosure (CVE-2017-8557)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8557

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation Windows is a popular operation system developed by Microsoft. A vulnerability in some versions of Microsoft Windows could lead to information disclosure. The flaw lies in the System Information Console component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.

22113 - (MSPT-Jul2017) Microsoft Windows Kernel Privilege Escalation I (CVE-2017-8561)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8561

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Kernel component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.

22114 - (MSPT-Jul2017) Microsoft Windows ALPC Privilege Escalation (CVE-2017-8562)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8562

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw exits when Windows improperly handles calls to Advanced Local Procedure Call. Successful exploitation could allow a local user to gain elevated privileges.

22115 - (MSPT-Jul2017) Microsoft Windows Kernel Information Disclosure II (CVE-2017-8564)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8564

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation Windows is a popular operation system developed by Microsoft.

A vulnerability in some versions of Microsoft Windows could lead to information disclosure. The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system. 22136 - (MSPT-Jul2017) Microsoft Office Memory Corruption Remote Code Execution I (CVE-2017-8501)

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-8501

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

22054 - (MSPT-Jul2017) Microsoft Browser Security Feature Bypass Vulnerability (CVE-2017-8592)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8592

Description An information disclosure vulnerability is present in some versions of Microsoft Browser.

Observation Internet Explorer and Edge are Internet browsers developed by Microsoft.

An information disclosure vulnerability is present in some versions of Microsoft Browser. The flaw is due to improper handling of redirect requests. Successful exploitation could allow a remote attacker to obtain data that would otherwise be restricted to a destination web site of their choice.

22056 - (MSPT-Jul2017) Microsoft Browser Spoofing Vulnerability (CVE-2017-8602)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-8602

Description A spoofing vulnerability is present in some versions of Microsoft Internet Explorer and Edge.

Observation Internet Explorer and Edge are Internet browsers developed by Microsoft.

A spoofing vulnerability is present in some versions of Microsoft Internet Explorer and Edge. The flaw is due to improper handling of HTTP responses. Successful exploitation could allow a remote attacker to spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 145424 - SuSE SLES 11 SP4 SUSE-SU-2017:1763-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-6706

Update Details Risk is updated

145426 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1716-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-6706

Update Details Risk is updated

145432 - SuSE SLES 11 SP4 SUSE-SU-2017:1760-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-6706

Update Details Risk is updated

130799 - Debian Linux 8.0 DSA-3882-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6127, CVE-2017-5361, CVE-2017-5943, CVE-2017-5944

Update Details Risk is updated

130801 - Debian Linux 8.0 DSA-3883-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5361

Update Details Risk is updated

70014 - netbios-helpers.fasl3.inc

Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH Update Details FASLScript is updated

70086 - oracle.fasl3.inc

Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH

Update Details FASLScript is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.