vulnerability
Microsoft Windows: CVE-2017-8692: Windows Uniscribe Remote Code Execution Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Sep 12, 2017 | Sep 12, 2017 | Sep 5, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Sep 12, 2017
Added
Sep 12, 2017
Modified
Sep 5, 2025
Description
The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle objects in memory, aka "Uniscribe Remote Code Execution Vulnerability".
Solutions
microsoft-windows-windows_10-1507-kb4038781microsoft-windows-windows_10-1511-kb4038783microsoft-windows-windows_10-1607-kb4038782microsoft-windows-windows_10-1703-kb4038788microsoft-windows-windows_server_2012-kb4038786microsoft-windows-windows_server_2012_r2-kb4038793microsoft-windows-windows_server_2016-1607-kb4038782msft-kb4038786-2ac4d3a4-287f-4f33-bb61-b7b81245f55bmsft-kb4038786-793b7e3e-090e-472e-b275-b520b5832a77msft-kb4038793-8c3d7238-564c-4ed3-ae6f-e3d9881f6f5fmsft-kb4038793-d97e9753-f904-44d9-87a2-35cbf248aef4
References
- BID-100762
- CVE-2017-8692
- https://attackerkb.com/topics/CVE-2017-8692
- CWE-119
- https://support.microsoft.com/help/4038781
- https://support.microsoft.com/help/4038782
- https://support.microsoft.com/help/4038783
- https://support.microsoft.com/help/4038786
- https://support.microsoft.com/help/4038788
- https://support.microsoft.com/help/4038793
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.