Microsoft CVE-2017-11927: Microsoft Windows Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL. This could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability an attacker would have to trick a user into browsing to a malicious website or to an SMB or UNC path destination. An attacker who successfully tricked a user into disclosing the user's NTLM hash could attempt a brute-force attack to disclose the corresponding hash password. The security update addresses the vulnerability by correcting how the Windows its:// protocol handler determines the zone of a request.
Solution(s)
- msft-kb4053578-8d83763b-9260-4226-ae6a-58b40c5fbd96
- msft-kb4053578-ea796f81-fa24-4aa5-9125-efcc8d5ee4d0
- msft-kb4103712-37b5b334-c8cc-4a13-b84c-48e1bea48d6b
- msft-kb4103712-83a7090f-3e70-4edb-b2af-18ee3c8c8539
- msft-kb4103712-902c7573-12fb-4135-a2df-88d13af1d33c
- msft-kb4103712-c53c08ca-efac-49ab-a665-5b470f700c80
- msft-kb4103712-ddb1b118-50db-4654-b4d4-04cce64723ed
- msft-kb4103712-deb51cc8-5372-4925-a191-c02b160864d5
- msft-kb4103715-196f3a64-83fb-4123-a71b-3e7aa0534b4a
- msft-kb4103715-53738d8d-be74-4aef-ae8c-8fe6be9cd854
- msft-kb4103715-a0a512c2-5000-486b-bfea-655ac981bef3
- msft-kb4103716-34e04a3c-fab2-4a5e-b231-a37aac882e0f
- msft-kb4103716-8759c2a2-230b-4089-9c04-586cf2746a71
- msft-kb4103723-54f93c06-1d96-40f5-bdc8-f9924dbcd522
- msft-kb4103723-99a0b90d-2519-4700-be0c-e6c7b5bd04ec
- msft-kb4103723-a74a9c4e-0823-4afc-8b58-cf1785a2e2b4
- msft-kb4103726-a7aeeaa3-5971-4250-852a-cce0d132b757
- msft-kb4103726-e236ef6f-7ae3-4e19-879e-9130446af0ca
- msft-kb4103726-fb17b3dd-c200-4335-aae4-a4fadb929428
- msft-kb4103727-0dae0270-e483-4c81-9914-263ec487c6c1
- msft-kb4103727-6108aff5-77b2-4684-b1cb-749f3c040d8f
- msft-kb4103727-c03178c9-b5d2-4c5f-819f-c8871513e23d
- msft-kb4103731-610e3534-770e-4bab-845a-0159c0645106
- msft-kb4103731-f80f24fa-933a-44d1-a83a-8013a727d881
- msft-kb4130957-48a62135-6ec9-453b-92c9-04c65feb14d0
- msft-kb4130957-75987ff5-4db2-421d-a52a-9d9274e04e78
- msft-kb4130957-90c43009-99e5-42cf-b6ed-6db6ecd107b8
- msft-kb4130957-c4771e93-224b-4d88-b78f-669cd1c98bc2
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center