vulnerability
Microsoft Windows: CVE-2017-8582: Http.sys Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Jul 11, 2017 | Jul 11, 2017 | Sep 5, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 11, 2017
Added
Jul 11, 2017
Modified
Sep 5, 2025
Description
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memory, aka "Https.sys Information Disclosure Vulnerability".
Solutions
microsoft-windows-windows_10-1507-kb4025338microsoft-windows-windows_10-1511-kb4025344microsoft-windows-windows_10-1607-kb4025339microsoft-windows-windows_10-1703-kb4025342microsoft-windows-windows_server_2012-kb4025343microsoft-windows-windows_server_2012_r2-kb4025333microsoft-windows-windows_server_2012_r2-kb4025336microsoft-windows-windows_server_2016-1607-kb4025339msft-kb4022914-44735a5d-ec60-4954-ae2b-04237463dc2bmsft-kb4022914-4475408e-c93d-426e-b3c6-9625c2cd053bmsft-kb4022914-4a9549c8-75f2-4870-95ff-d29150b5aacbmsft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30ab
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.