vulnerability
Microsoft Windows: CVE-2017-0057: Windows DNS Query Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Mar 14, 2017 | Mar 14, 2017 | Sep 11, 2024 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Mar 14, 2017
Added
Mar 14, 2017
Modified
Sep 11, 2024
Description
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to visit an untrusted webpage or (2) tricking a server into sending a DNS query to a malicious DNS server, aka "Windows DNS Query Information Disclosure Vulnerability."
Solution(s)
microsoft-windows-windows_10-1507-kb4012606microsoft-windows-windows_10-1511-kb4013198microsoft-windows-windows_10-1607-kb4013429microsoft-windows-windows_server_2012_r2-kb4012213microsoft-windows-windows_server_2016-1607-kb4013429msft-kb4012213-317ca43c-7dfe-4e04-8a21-2c6c4ab4fbb9msft-kb4012213-5d351df3-6efb-4b17-93e0-b0e3a5babbc3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.