Home

Microsoft Browser Spoofing Vulnerability for Windows 10 Version 1511 for x64-based Systems (KB4013198) - Cumulative

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.318%

CVE Information

Source CVE
CVE-2017-0144

Associated CVE
CVE-2017-0144
CVE-2017-0143
CVE-2017-0146
CVE-2017-0145
CVE-2017-0149
CVE-2017-0005
CVE-2017-0147
CVE-2017-0037
CVE-2017-0148
CVE-2017-0022
CVE-2017-0055
CVE-2017-0001
CVE-2017-0059
CVE-2017-0023
CVE-2017-0094
CVE-2017-0131
CVE-2017-0089
CVE-2017-0072
CVE-2017-0083
CVE-2017-0086
CVE-2017-0087
CVE-2017-0088
CVE-2017-0090
CVE-2017-0084
CVE-2017-0016
CVE-2017-0108
CVE-2017-0063
CVE-2017-0070
CVE-2017-0100
CVE-2017-0085
CVE-2017-0065
CVE-2017-0091
CVE-2017-0092
CVE-2017-0111
CVE-2017-0112
CVE-2017-0113
CVE-2017-0114
CVE-2017-0115
CVE-2017-0116
CVE-2017-0117
CVE-2017-0118
CVE-2017-0121
CVE-2017-0075
CVE-2017-0141
CVE-2017-0060
CVE-2017-0021
CVE-2017-0104
CVE-2017-0038
CVE-2017-0024
CVE-2017-0025
CVE-2017-0026
CVE-2017-0047
CVE-2017-0050
CVE-2017-0056
CVE-2017-0082
CVE-2017-0061
CVE-2017-0039
CVE-2017-0078
CVE-2017-0079
CVE-2017-0080
CVE-2017-0081
CVE-2017-0102
CVE-2017-0154
CVE-2017-0010
CVE-2017-0014
CVE-2017-0015
CVE-2017-0018
CVE-2017-0032
CVE-2017-0034
CVE-2017-0035
CVE-2017-0040
CVE-2017-0067
CVE-2017-0130
CVE-2017-0132
CVE-2017-0133
CVE-2017-0134
CVE-2017-0137
CVE-2017-0150
CVE-2017-0151
CVE-2017-0017
CVE-2017-0138
CVE-2017-0008
CVE-2017-0009
CVE-2017-0011
CVE-2017-0049
CVE-2017-0057
CVE-2017-0068
CVE-2017-0073
CVE-2017-0062
CVE-2017-0012
CVE-2017-0033
CVE-2017-0069
CVE-2017-0066
CVE-2017-0135
CVE-2017-0095
CVE-2017-0109
CVE-2017-0007
CVE-2017-0042
CVE-2017-0076
CVE-2017-0096
CVE-2017-0051
CVE-2017-0074
CVE-2017-0097
CVE-2017-0098
CVE-2017-0099

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
22051

Patch Description
Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4013198)

References

http://blog.inspired-sec.com/archive/2017/03/17/COM-Moniker-Privesc.html
http://pastebin.com/raw/Eztknq4s
http://www.security-assessment.com/files/documents/advisory/comparestring_infoleak.pdf
http://www.security-assessment.com/files/documents/advisory/reversesegment.pdf
http://www.securityfocus.com/bid/96013
http://www.securityfocus.com/bid/96018
http://www.securityfocus.com/bid/96020
http://www.securityfocus.com/bid/96023
http://www.securityfocus.com/bid/96024
http://www.securityfocus.com/bid/96025
http://www.securityfocus.com/bid/96026
http://www.securityfocus.com/bid/96029
http://www.securityfocus.com/bid/96032
http://www.securityfocus.com/bid/96033
http://www.securityfocus.com/bid/96034
http://www.securityfocus.com/bid/96057
http://www.securityfocus.com/bid/96059
http://www.securityfocus.com/bid/96064
http://www.securityfocus.com/bid/96069
http://www.securityfocus.com/bid/96073
http://www.securityfocus.com/bid/96075
http://www.securityfocus.com/bid/96077
http://www.securityfocus.com/bid/96078
http://www.securityfocus.com/bid/96079
http://www.securityfocus.com/bid/96080
http://www.securityfocus.com/bid/96082
http://www.securityfocus.com/bid/96085
http://www.securityfocus.com/bid/96086
http://www.securityfocus.com/bid/96087
http://www.securityfocus.com/bid/96088
http://www.securityfocus.com/bid/96094
http://www.securityfocus.com/bid/96095
http://www.securityfocus.com/bid/96098
http://www.securityfocus.com/bid/96599
http://www.securityfocus.com/bid/96603
http://www.securityfocus.com/bid/96604
http://www.securityfocus.com/bid/96605
http://www.securityfocus.com/bid/96606
http://www.securityfocus.com/bid/96607
http://www.securityfocus.com/bid/96608
http://www.securityfocus.com/bid/96610
http://www.securityfocus.com/bid/96622
http://www.securityfocus.com/bid/96626
http://www.securityfocus.com/bid/96627
http://www.securityfocus.com/bid/96630
http://www.securityfocus.com/bid/96631
http://www.securityfocus.com/bid/96632
http://www.securityfocus.com/bid/96633
http://www.securityfocus.com/bid/96634
http://www.securityfocus.com/bid/96635
http://www.securityfocus.com/bid/96636
http://www.securityfocus.com/bid/96637
http://www.securityfocus.com/bid/96638
http://www.securityfocus.com/bid/96639
http://www.securityfocus.com/bid/96640
http://www.securityfocus.com/bid/96641
http://www.securityfocus.com/bid/96642
http://www.securityfocus.com/bid/96643
http://www.securityfocus.com/bid/96644
http://www.securityfocus.com/bid/96645
http://www.securityfocus.com/bid/96647
http://www.securityfocus.com/bid/96648
http://www.securityfocus.com/bid/96649
http://www.securityfocus.com/bid/96650
http://www.securityfocus.com/bid/96652
http://www.securityfocus.com/bid/96655
http://www.securityfocus.com/bid/96657
http://www.securityfocus.com/bid/96658
http://www.securityfocus.com/bid/96659
http://www.securityfocus.com/bid/96660
http://www.securityfocus.com/bid/96661
http://www.securityfocus.com/bid/96662
http://www.securityfocus.com/bid/96663
http://www.securityfocus.com/bid/96665
http://www.securityfocus.com/bid/96671
http://www.securityfocus.com/bid/96676
http://www.securityfocus.com/bid/96678
http://www.securityfocus.com/bid/96679
http://www.securityfocus.com/bid/96680
http://www.securityfocus.com/bid/96686
http://www.securityfocus.com/bid/96690
http://www.securityfocus.com/bid/96695
http://www.securityfocus.com/bid/96697
http://www.securityfocus.com/bid/96698
http://www.securityfocus.com/bid/96699
http://www.securityfocus.com/bid/96700
http://www.securityfocus.com/bid/96701
http://www.securityfocus.com/bid/96703
http://www.securityfocus.com/bid/96704
http://www.securityfocus.com/bid/96705
http://www.securityfocus.com/bid/96706
http://www.securityfocus.com/bid/96707
http://www.securityfocus.com/bid/96709
http://www.securityfocus.com/bid/96713
http://www.securityfocus.com/bid/96715
http://www.securityfocus.com/bid/96722
http://www.securityfocus.com/bid/96724
http://www.securityfocus.com/bid/96766
http://www.securityfocus.com/bid/96786
http://www.securitytracker.com/id/1037845
http://www.securitytracker.com/id/1037905
http://www.securitytracker.com/id/1037906
http://www.securitytracker.com/id/1037989
http://www.securitytracker.com/id/1037991
http://www.securitytracker.com/id/1037992
http://www.securitytracker.com/id/1037999
http://www.securitytracker.com/id/1038001
http://www.securitytracker.com/id/1038002
http://www.securitytracker.com/id/1038006
http://www.securitytracker.com/id/1038008
http://www.securitytracker.com/id/1038012
http://www.securitytracker.com/id/1038013
http://www.securitytracker.com/id/1038014
http://www.securitytracker.com/id/1038016
http://www.securitytracker.com/id/1038017
https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html
https://0patch.blogspot.com/2017/09/exploit-kit-rendezvous-and-cve-2017-0022.html
https://0patch.blogspot.si/2017/03/0patching-another-0-day-internet.html
https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1011
https://bugs.chromium.org/p/project-zero/issues/detail?id=1021
https://bugs.chromium.org/p/project-zero/issues/detail?id=992
https://enigma0x3.net/2017/04/03/defeating-device-guard-a-look-into-cve-2017-0007/
https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0001
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0005
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0007
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0008
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0009
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0010
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0011
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0012
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0014
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0015
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0017
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0018
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0021
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0022
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0023
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0024
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0025
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0026
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0032
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0033
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0034
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0035
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0037
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0038
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0039
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0040
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0042
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0047
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0049
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0050
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0051
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0055
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0056
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0057
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0059
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0060
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0061
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0062
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0063
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0065
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0066
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0067
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0068
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0069
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0070
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0073
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0074
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0075
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0076
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0078
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0079
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0080
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0081
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0082
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0083
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0084
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0085
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0086
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0087
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0088
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0089
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0090
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0091
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0092
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0095
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0097
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0098
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0099
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0100
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0102
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0104
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0108
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0109
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0111
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0112
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0113
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0114
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0115
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0116
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0117
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0118
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0121
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0130
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0131
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0132
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0143
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0144
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0145
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0146
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0147
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0148
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0149
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0154
https://twitter.com/Qab/status/842506404950917120
https://www.exploit-db.com/exploits/41363/
https://www.exploit-db.com/exploits/41454/
https://www.exploit-db.com/exploits/41607/
https://www.exploit-db.com/exploits/41623/
https://www.exploit-db.com/exploits/41646/
https://www.exploit-db.com/exploits/41647/
https://www.exploit-db.com/exploits/41648/
https://www.exploit-db.com/exploits/41649/
https://www.exploit-db.com/exploits/41650/
https://www.exploit-db.com/exploits/41651/
https://www.exploit-db.com/exploits/41652/
https://www.exploit-db.com/exploits/41653/
https://www.exploit-db.com/exploits/41654/
https://www.exploit-db.com/exploits/41655/
https://www.exploit-db.com/exploits/41656/
https://www.exploit-db.com/exploits/41657/
https://www.exploit-db.com/exploits/41658/
https://www.exploit-db.com/exploits/41659/
https://www.exploit-db.com/exploits/41661/
https://www.exploit-db.com/exploits/41891/
https://www.exploit-db.com/exploits/41987/
https://www.exploit-db.com/exploits/42030/
https://www.exploit-db.com/exploits/42031/
https://www.exploit-db.com/exploits/42354/
https://www.exploit-db.com/exploits/43125/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0016
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0138
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0135
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0134
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0094
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0141
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0150
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0137
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0151
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0133