CVE-2017-11769

EUVD-2017-3378
The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_server_2016
*
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4042895
1511 (x64, x86)
KB4041689
1607 (x64, x86)
KB4041691
1703 (x64, x86)
KB4041676
Windows Server 2016
Server Core
KB4041691
Standard
KB4041691
References
http://www.securityfocus.com/bid/101112
http://www.securitytracker.com/id/1039535
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11769
http://www.securityfocus.com/bid/101112
http://www.securitytracker.com/id/1039535
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11769