Microsoft con il Patch Tuesday di agosto ha risolto 48 potenziali vulnerabilità di sicurezza che affligevano Windows, Microsoft Edge, Internet Explorer, SharePoint e SQL Server; di cui 25 segnalate come critiche tra le quali troviamo la piu pericolosa CVE-2017-8620.
La vulnerabilità CVE-2017-8620, scoperta da un ricercatore Microsoft, colpisce la totalità delle versioni di Windows ed è causata da un bug presente nel servizio di Windows Search che consente l’esecuzione di codice come amministratore di sistema da remoto. Sembra comunque che non sia per il momento un Exploit noto.
Non hanno ricevuto l’aggiornamento i sistemi non più supportati come Windows Xp e Vista non è noto anche se è altamente probabile se sono vulnerabili a questo bug.
Product
|
Platform
|
Article
|
Download
|
Impact
|
Severity
|
Supersedence
|
---|---|---|---|---|---|---|
Windows 10 for 32-bit Systems | 4034668 | Security Update | Remote Code Execution | Critical | 4025338 | |
Windows 10 for x64-based Systems | 4034668 | Security Update | Remote Code Execution | Critical | 4025338 | |
Windows 10 Version 1511 for 32-bit Systems | 4034660 | Security Update | Remote Code Execution | Critical | 4025344 | |
Windows 10 Version 1511 for x64-based Systems | 4034660 | Security Update | Remote Code Execution | Critical | 4025344 | |
Windows 10 Version 1607 for 32-bit Systems | 4034658 | Security Update | Remote Code Execution | Critical | 4025339 | |
Windows 10 Version 1607 for x64-based Systems | 4034658 | Security Update | Remote Code Execution | Critical | 4025339 | |
Windows 10 Version 1703 for 32-bit Systems | 4034674 | Security Update | Remote Code Execution | Critical | 4025342 | |
Windows 10 Version 1703 for x64-based Systems | 4034674 | Security Update | Remote Code Execution | Critical | 4025342 | |
Windows 7 for 32-bit Systems Service Pack 1 | 4034664 | Monthly Rollup | Remote Code Execution | Critical | 4025341 | |
4034679 | Security Only | |||||
Windows 7 for x64-based Systems Service Pack 1 | 4034664 | Monthly Rollup | Remote Code Execution | Critical | 4025341 | |
4034679 | Security Only | |||||
Windows 8.1 for 32-bit systems | 4034681 | Monthly Rollup | Remote Code Execution | Critical | 4025336 | |
4034672 | Security Only | |||||
Windows 8.1 for x64-based systems | 4034681 | Monthly Rollup | Remote Code Execution | Critical | 4025336 | |
4034672 | Security Only | |||||
Windows RT 8.1 | 4034681 | Monthly Rollup | Remote Code Execution | Critical | 4025336 | |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4034034 | Security Update | Remote Code Execution | Critical | ||
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4034034 | Security Update | Remote Code Execution | Critical | ||
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4034034 | Security Update | Remote Code Execution | Critical | ||
Windows Server 2008 for x64-based Systems Service Pack 2 | 4034034 | Security Update | Remote Code Execution | Critical | ||
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4034034 | Security Update | Remote Code Execution | Critical | ||
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4034664 | Monthly Rollup | Remote Code Execution | Critical | 4025341 | |
4034679 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4034664 | Monthly Rollup | Remote Code Execution | Critical | 4025341 | |
4034679 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4034664 | Monthly Rollup | Remote Code Execution | Critical | 4025341 | |
4034679 | Security Only | |||||
Windows Server 2012 | 4034665 | Monthly Rollup | Remote Code Execution | Critical | 4025331 | |
4034666 | Security Only | |||||
Windows Server 2012 (Server Core installation) | 4034665 | Monthly Rollup | Remote Code Execution | Critical | 4025331 | |
4034666 | Security Only | |||||
Windows Server 2012 R2 | 4034681 | Monthly Rollup | Remote Code Execution | Critical | 4025336 | |
4034672 | Security Only | |||||
Windows Server 2012 R2 (Server Core installation) | 4034681 | Monthly Rollup | Remote Code Execution | Critical | 4025336 | |
4034672 | Security Only | |||||
Windows Server 2016 | 4034658 | Security Update | Remote Code Execution | Critical | 4025339 | |
Windows Server 2016 (Server Core installation) | 4034658 | Security Update | Remote Code Execution | Critical | 4025339 |