vulnerability
Microsoft Windows: CVE-2017-0170: Windows Performance Monitor Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jul 11, 2017 | Jul 11, 2017 | Sep 5, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jul 11, 2017
Added
Jul 11, 2017
Modified
Sep 5, 2025
Description
Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability due to the way it parses XML input, aka "Windows Performance Monitor Information Disclosure Vulnerability".
Solutions
microsoft-windows-windows_10-1507-kb4025338microsoft-windows-windows_10-1511-kb4025344microsoft-windows-windows_10-1607-kb4025339microsoft-windows-windows_10-1703-kb4025342microsoft-windows-windows_server_2012-kb4025343microsoft-windows-windows_server_2012_r2-kb4025333microsoft-windows-windows_server_2012_r2-kb4025336microsoft-windows-windows_server_2016-1607-kb4025339msft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30abmsft-kb4025397-4930e85a-3915-4a27-b19e-f3b7af8a400bmsft-kb4025397-aaed1c08-41ce-4577-81fc-41c5aaa44d2emsft-kb4025397-e4d1f31e-6542-473c-a276-b598a1618b9d
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.