Microsoft CVE-2017-11818: Windows Storage Security Feature Bypass Vulnerability
Description
An Security Feature bypass vulnerability exists in Microsoft Windows storage when it fails to validate an integrity-level check. An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level. The update addresses the vulnerability by correcting how Microsoft storage validates an integrity-level check.
Solution(s)
- msft-kb4041676-1ff2737c-1aff-4e62-b1c6-9cfef29526a8
- msft-kb4041676-b16fea38-0350-4f91-84a8-7eb01c1eb034
- msft-kb4041679-4340967a-c8b8-4200-92b4-aea2b1235e6d
- msft-kb4041679-4aa7d02c-1328-4f53-b136-faf79e2475c8
- msft-kb4041679-72b1b537-615d-4b25-b7e7-34350dcd0aab
- msft-kb4041687-092e7af4-3dd9-4daf-b99f-27b776380751
- msft-kb4041687-92b0c4d3-a90b-4879-ba50-5542e1183baf
- msft-kb4041687-e36e24fc-789e-483f-bb72-01a3ec3eea74
- msft-kb4041689-8ff2f636-c756-4a18-9b8c-2e961960a229
- msft-kb4041689-c6c38d0b-3125-4a5a-bf3a-31cfc45fb07e
- msft-kb4041691-27ba94ef-c1b7-4cd7-b091-7f818dee7983
- msft-kb4041691-3f057cc9-5e08-431f-bbbe-32144c35e95e
- msft-kb4041691-4006f198-f0ed-47b5-accc-284bdf382724
- msft-kb4042895-6a029367-c557-48a9-b3e6-50d8904c370d
- msft-kb4042895-d1a447dc-99ec-4b48-ab98-508c89ae01ee
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center