CVE-2017-0077

CVE: CVE-2017-0077
Published: 2017-05-12T14:29Z
Vendor: microsoft
Products: windows_10
Versions: 1607, 1511, -, 1703,
windows_server_2012
Versions: r2, -,
windows_8.1
Versions: *,
windows_server_2008
Versions: r2, *,
windows_server_2016
Versions: -,
windows_rt_8.1
Versions: *,
windows_7
Versions: *,
Description Language: en
Description: The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain information, or in Windows 7 and later, cause denial of service, aka “Win32k Information Disclosure Vulnerability.”
References:
http://www.securityfocus.com/bid/98114
http://www.securitytracker.com/id/1038454
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0077

CVE-2017-0064

CVE: CVE-2017-0064
Published: 2017-05-12T14:29Z
Vendor: microsoft
Products: internet_explorer
Versions: 9, 11, 10,
Description Language: en
Description: A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka “Internet Explorer Security Feature Bypass Vulnerability.”
References:
http://www.securityfocus.com/bid/98121
http://www.securitytracker.com/id/1038447
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0064