CVE-2017-8553

EPSS 2.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

15 Jun 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".

Affected products

Microsoft Corporation · Windows kernel

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8553 http://www.securityfocus.com/bid/98940 http://www.securitytracker.com/id/1038662