Microsoft security alert.
June 13, 2017
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 104 vulnerabilities that were fixed in 9 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 9 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Internet Explorer Security Update for June 2017
- Severity
- Urgent 5
- Qualys ID
- 100313
- Vendor Reference
- KB4021558, KB4022714, KB4022715, KB4022719, KB4022724, KB4022725, KB4022726, KB4022727
- CVE Reference
- CVE-2016-3326, CVE-2017-8517, CVE-2017-8519, CVE-2017-8522, CVE-2017-8524, CVE-2017-8529, CVE-2017-8547
- CVSS Scores
- Base 7.6 / Temporal 6.6
- Description
-
Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems.
Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabilities found in Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10) and Internet Explorer 11 (IE 11). The security updated is rated Moderate for for Internet Explorer 9 (IE 9) and Internet Explorer 10 (IE 10) and Critical for Internet Explorer 11 (IE 11).
The Security Update addresses the vulnerabilities by fixing:
1) The update addresses the vulnerability by fixing how Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8517)
2) The update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. (CVE-2017-8519)
3) The update addresses the vulnerability by fixing how Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8522)
4) The update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8524)
5) The update addresses the vulnerability by restricting the information returned on affected Microsoft browsers. (CVE-2017-8529)
6) The update addresses the vulnerability by modifying how JavaScript scripting engines objects in memory. (CVE-2017-8547)
KB Articles associated with the Update:1) 4022714
2) 4022726
3) 4021558
4) 4022715
5) 4022727
6) 4022725
7) 4022724
8) 4022719Please note: CVE-2016-3326 affects only Windows 10, Windows 10 Version 1511, and Windows 10 Version 1607
QID Detection Logic (Authenticated):
Operating Systems: Windows XP Embedded, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8.1, Windows RT 8.1, Windows10, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
This QID checks for the file version of %windir%\System32\mshtml.dll
The following KBs are checked:
The patch version of 8.0.6001.23952(KB4021558)
The patch version of 9.0.8112.16906 (KB4021558)
The patch version of 9.0.8112.21017 (KB4021558)
The patch version of 10.0.9200.22168 (KB4022724)
The patch version of 11.0.9600.18698 (KB4021558 or KB4022719 or KB4022726)
The patch version of 11.0.10240.17443 (KB4022727)
The patch version of 11.0.10586.962 (KB4022714)
The patch version of 11.0.14393.1356 (KB4022715)
The patch version of 11.0.15063.413 (KB4022725) - Consequence
-
Successful exploitation of the vulnerability allows:
1) Remote Code Execution (CVE-2017-8517, CVE-2017-8519,CVE-2017-8522,CVE-2017-8524)
2) Information Disclousre (CVE-2017-8529, CVE-2017-8547) - Solution
-
For more information, Customers are advised to refer the Security Update Guide.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
4021558
4022714
4022715
4022719
4022724
4022725
4022726
4022727
-
Microsoft Office and Microsoft Office Services and Web Apps Security Update June 2017
- Severity
- Critical 4
- Qualys ID
- 110299
- Vendor Reference
- KB3118304, KB3118389, KB3127888, KB3127894, KB3162051, KB3172445, KB3178667, KB3191828, KB3191837, KB3191844, KB3191848, KB3191882, KB3191898, KB3191908, KB3191932, KB3191938, KB3191939, KB3191943, KB3191944, KB3191945, KB3203382, KB3203383, KB3203384, KB3203386, KB3203387, KB3203390, KB3203391, KB3203392, KB3203393, KB3203399, KB3203427, KB3203430, KB3203432, KB3203436, KB3203438, KB3203441, KB3203458, KB3203460, KB3203461, KB3203463, KB3203464, KB3203466, KB3203467, KB3203484, KB3203485, KB3212223
- CVE Reference
- CVE-2017-0260, CVE-2017-0282, CVE-2017-0283, CVE-2017-0284, CVE-2017-0285, CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-0292, CVE-2017-8506, CVE-2017-8507, CVE-2017-8508, CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-8513, CVE-2017-8514, CVE-2017-8527, CVE-2017-8528, CVE-2017-8531, CVE-2017-8532, CVE-2017-8533, CVE-2017-8534, CVE-2017-8545, CVE-2017-8550, CVE-2017-8551
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
Microsoft releases security updates on June 2017 to fix following vulnerabilities:
- Microsoft Office Remote Code Execution(CVE-2017-0260). - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0282). - Windows Uniscribe Remote Code Execution Vulnerability(CVE-2017-0283) - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0284). - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0285). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0286). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0287). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0288). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0289). - Windows PDF Remote Code Execution Vulnerability(CVE-2017-0292). - Microsoft Office Remote Code Execution(CVE-2017-8506). - Microsoft Office Memory Corruption Vulnerability(CVE-2017-8507). - Microsoft Office Security Feature Bypass Vulnerability(CVE-2017-8508). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8509). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8510). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8511). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8512). - Microsoft PowerPoint Remote Code Execution Vulnerability(CVE-2017-8513). - Microsoft SharePoint Reflective XSS Vulnerability(CVE-2017-8514). - Windows Graphics Remote Code Execution Vulnerability(CVE-2017-8527). - Windows Uniscribe Remote Code Execution Vulnerability(CVE-2017-8528). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8531). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8532). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8533). - Windows Uniscribe Information Disclosure VulnerabilityCVE-2017-8534). - Microsoft Outlook for Mac Spoofing Vulnerability(CVE-2017-8545). - Skype for Business Remote Code Execution Vulnerability(CVE-2017-8550). - SharePoint XSS vulnerability(CVE-2017-8551) This security updates contain following KBs:
KB3118304 KB3118389 KB3127888 KB3127894 KB3162051 KB3172445 KB3178667 KB3191828 KB3191837 KB3191844 KB3191848 KB3191882 KB3191898 KB3191908 KB3191932 KB3191938 KB3191939 KB3191943 KB3191944 KB3191945 KB3203382 KB3203383 KB3203384 KB3203386 KB3203387 KB3203390 KB3203391 KB3203392 KB3203393 KB3203399 KB3203427 KB3203430 KB3203432 KB3203436 KB3203438 KB3203441 KB3203458 KB3203460 KB3203461 KB3203463 KB3203464 KB3203466 KB3203467 KB3203484 KB3203485 KB3212223 - Consequence
- An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
- Solution
-
Customers are advised to refer to Microsoft Security Guidance for more details pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB3118304 Microsoft Office 2007 (all editions) and other software
KB3118389 Microsoft Office 2010 (all editions) 32
KB3118389 Microsoft Office 2010 (all editions) 64
KB3127888 Microsoft Office 2007 (all editions) and other software
KB3127894
KB3162051 Microsoft Office 2013 (all editions) 32
KB3162051 Microsoft Office 2013 (all editions) 64
KB3178667 Microsoft Office 2016 (all editions) 32
KB3178667 Microsoft Office 2016 (all editions) 64
KB3191828 Microsoft Office 2007 (all editions) and other software
KB3191837 Microsoft Office 2007 (all editions) and other software
KB3191843 Microsoft Office 2010 (all editions) 32
KB3191843 Microsoft Office 2010 (all editions) 64
KB3191844 Microsoft Office 2010 (all editions) 32
KB3191844 Microsoft Office 2010 (all editions) 64
KB3191848 Microsoft Office 2010 (all editions) 32
KB3191848 Microsoft Office 2010 (all editions) 64
KB3191882 Microsoft Office 2016 (all editions) 32
KB3191882 Microsoft Office 2016 (all editions) 64
KB3191898 Microsoft Office 2007 (all editions) and other software
KB3191908 Microsoft Office 2010 (all editions) 32
KB3191908 Microsoft Office 2010 (all editions) 64
KB3191932 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 32
KB3191932 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 64
KB3191937 Microsoft Communications Platforms and Software(Lync 2013 32)
KB3191937 Microsoft Communications Platforms and Software(Lync 2013 64)
KB3191938 Microsoft Office 2013 (all editions) 32
KB3191938 Microsoft Office 2013 (all editions) 64
KB3191943 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 32
KB3191943 Microsoft Office 2016 (all editions) 64
KB3191944 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 32
KB3191944 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 64
KB3191945 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 32
KB3191945 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 64
KB3203382 Microsoft Communications Platforms and Software 32
KB3203382 Microsoft Communications Platforms and Software 64
KB3203383 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 32
KB3203383 Microsoft Office 2016 (all editions) 32Microsoft Office 2016 (all editions) 64
KB3203386 Microsoft Office 2013 (all editions) 32
KB3203386 Microsoft Office 2013 (all editions) 64
KB3203391 Microsoft Office Web Apps 2013 (all versions)
KB3203392 Microsoft Office 2013 (all editions) 32
KB3203392 Microsoft Office 2013 (all editions) 64
KB3203393 Microsoft Office 2013 (all editions) 32
KB3203393 Microsoft Office 2013 (all editions) 64
KB3203427 Microsoft Office 2007 (all editions) and other software
KB3203430 Microsoft SharePoint Server 2013 (all editions)
KB3203432 Microsoft SharePoint Server 2016 (all editions)
KB3203436 Microsoft Office 2007 (all editions) and other software
KB3203438 Microsoft Office 2007 (all editions) and other software
KB3203441 Microsoft Office 2007 (all editions) and other software
KB3203458 Microsoft SharePoint Server 2010 (all editions)
KB3203460 Microsoft Office 2010 (all editions) 32
KB3203460 Microsoft Office 2010 (all editions) 64
KB3203461 Microsoft Office 2010 (all editions) 32
KB3203461 Microsoft Office 2010 (all editions) 64
KB3203463 Microsoft Office 2010 (all editions) 32
KB3203463 Microsoft Office 2010 (all editions) 64
KB3203464 Microsoft Office 2010 (all editions) 32
KB3203464 Microsoft Office 2010 (all editions) 64
KB3203466 Microsoft Office Web Apps 2010 (all versions)
KB3203467 Microsoft Office 2010 (all editions) 32
KB3203467 Microsoft Office 2010 (all editions) 64
KB3203484 Microsoft Office 2007 (all editions) and other software
KB3203484 Microsoft Office 2007 (all editions) and other software
KB3203485
-
Microsoft Windows Security Update June 2017
- Severity
- Critical 4
- Qualys ID
- 91385
- Vendor Reference
- KB3217845, KB4021903, KB4021923, KB4022008, KB4022010, KB4022013, KB4022714, KB4022717, KB4022718, KB4022722, KB4022727, KB4022883, KB4022884, KB4022887, KB4024402, KB4025339, KB4025342
- CVE Reference
- CVE-2017-0173, CVE-2017-0193, CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, CVE-2017-0219, CVE-2017-0260, CVE-2017-0282, CVE-2017-0283, CVE-2017-0284, CVE-2017-0285, CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-0291, CVE-2017-0292, CVE-2017-0294, CVE-2017-0295, CVE-2017-0296, CVE-2017-0297, CVE-2017-0298, CVE-2017-0299, CVE-2017-0300, CVE-2017-8460, CVE-2017-8462, CVE-2017-8464, CVE-2017-8465, CVE-2017-8466, CVE-2017-8468, CVE-2017-8469, CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8474, CVE-2017-8475, CVE-2017-8476, CVE-2017-8477, CVE-2017-8478, CVE-2017-8479, CVE-2017-8480, CVE-2017-8481, CVE-2017-8482, CVE-2017-8483, CVE-2017-8484, CVE-2017-8485, CVE-2017-8488, CVE-2017-8489, CVE-2017-8490, CVE-2017-8491, CVE-2017-8492, CVE-2017-8493, CVE-2017-8494, CVE-2017-8515, CVE-2017-8527, CVE-2017-8528, CVE-2017-8531, CVE-2017-8532, CVE-2017-8533, CVE-2017-8534, CVE-2017-8543, CVE-2017-8544, CVE-2017-8553, CVE-2017-8554, CVE-2017-8575, CVE-2017-8576, CVE-2017-8579
- CVSS Scores
- Base 10 / Temporal 8.3
- Description
-
Microsoft has released Cumulative Security Updates for Windows which addresses the following vulnerabilities:
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.
An elevation of privilege vulnerability exists when tdx.sys fails to check the length of a buffer prior to copying memory to the buffer.
A remote code execution exists in Microsoft Windows that could allow remote code execution if the icon of a specially crafted shortcut is displayed.KB Articles associated with the Update:
3217845
4021903
4021923
4022008
4022010
4022013
4022714
4022715
4022717
4022718
4022722
4022725
4022727
4022883
4022884
4022887
4024402
NOTE:- To Patch CVE-2017-8543 on Windows 10 Version 1607 and Windows 10 Version 1703 please apply the July updates i.e. KB4025339 (for Windows 10 Version 1607) and KB4025342 (Windows 10 Version 1703).
- Consequence
- Successful exploitation allows an attacker to execute arbitrary code and take control of an affected system.
- Solution
-
Customers are advised to refer to Microsoft Security Guidance for more details pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB3217845
KB4021903
KB4021923
KB4022008
KB4022010
KB4022013
KB4022714
KB4022717
KB4022718
KB4022722
KB4022727
KB4022883
KB4022884
KB4022887
KB4024402
KB4025339
KB4025342
-
Microsoft Edge Security Update for June 2017
- Severity
- Serious 3
- Qualys ID
- 91384
- Vendor Reference
- KB4022714, KB4022715, KB4022725, KB4022727
- CVE Reference
- CVE-2016-3326, CVE-2017-8496, CVE-2017-8497, CVE-2017-8498, CVE-2017-8499, CVE-2017-8504, CVE-2017-8517, CVE-2017-8518, CVE-2017-8520, CVE-2017-8521, CVE-2017-8522, CVE-2017-8523, CVE-2017-8524, CVE-2017-8529, CVE-2017-8530, CVE-2017-8548, CVE-2017-8549, CVE-2017-8555
- CVSS Scores
- Base 7.6 / Temporal 6.3
- Description
-
Microsoft Edge is the latest web-browser developed by Microsoft which is included in the Windows Operating Systems.
Microsoft Edge suffers multiple security vulnerabilities. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. Many information disclosure vulnerabilities have been fixed in the Microsoft Edge Fetch API, JavaScript XML DOM objects, scripting engine these allow attackers to detect browser extensions, URL of a cross-origin request, detect specific files. This update also addresses vulnerabilities in how edge enforces same-origin policy and Content Security Policies.
Affected Version:
Microsoft Edge on all Windows 10 versions and Windows Server 2016 KB Articles associated with the Update:1) 4022715
2) 4022725
3) 4022714
4) 4022727
Please note: CVE-2016-3326 affects only Windows 10, Windows 10 Version 1511, and Windows 10 Version 1607
QID Detection Logic (Authenticated):
Operating Systems: All versions of Windows 10 and Windows Server 2016
This QID checks for the file version of %windir%\System32\edgehtml.dll
The following KBs are checked:
The patch version is 11.0.10586.962(KB4022714)
The patch version is 11.0.14393.1356(KB4022715)
The patch version is 11.0.15063.413(KB4022725)
The patch version is 11.0.10240.17443(KB4022727)
- Consequence
-
Successful exploitation of the vulnerability may allow the attacker to cause:
1) Remote Code Execution
2) Arbitrary Code Execution
3) File and browser extension detection
- Solution
-
For more information, Customers are advised to refer the Security Update Guide.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
Edge Security Update for June 2017 Windows 10 Version 1511 for x86 and x64
Edge Security Update for June 2017 Windows 10 Version 1607 for x86 and x64
Edge Security Update for June 2017 Windows 10 Version 1703 for x86 and x64
Edge Security Update for June 2017 Windows 10 for x86 and x64
Edge Security Update for June 2017 Windows Server 2016
-
Microsoft Silverlight 5 Security Update June 2017
- Severity
- Critical 4
- Qualys ID
- 91383
- Vendor Reference
- KB4023307
- CVE Reference
- CVE-2017-0283, CVE-2017-8527
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
Microsoft Silverlight is a Web browser plug-in for Windows and Mac OS X that delivers high quality video/audio, animation, and richer Website experiences in popular Web browsers.
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application.
This security update to Silverlight includes fixes outlined in KB 4023307.
QID Detection Logic:
This authenticated QID checks if the file version of sllauncher.exe is lesser than 5.1.50907.0. - Consequence
-
Successful exploitation could allow a remote attacker to execute arbitrary code on a targeted system.
- Solution
-
Customers are advised to view KB4023307 for instructions pertaining to the remediation of these vulnerabilities.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB4023307
-
"textcounter.pl" CGI Vulnerability
- Severity
- Urgent 5
- Qualys ID
- 10031
- Vendor Reference
- N/A
- CVE Reference
- CVE-1999-1479
- CVSS Scores
- Base 10 / Temporal 8.3
- Description
- The script textcounter.pl does not properly check for shell meta-characters.
- Consequence
- If successfully exploited, unauthorized remote users can execute arbitrary commands on your Web server.
- Solution
- Upgrade this script, which is available for download from the World Wide Mart Web Hosting Web site.
-
Microsoft Security Update for Windows XP and Windows Server 2003 Missing - June 2017 (KB4025218)
- Severity
- Critical 4
- Qualys ID
- 91388
- Vendor Reference
- KB4025218
- CVE Reference
- CVE-2017-8487
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input.
QID Detection Logic (Authenticated):
Operating Systems: Windows XP Embedded, Windows Server 2003
This QID checks for the file version of %windir%\System32\Olecnv32.dll less than 5.2.3790.6113 - Consequence
- An attacker could exploit the vulnerability to execute malicious code.
- Solution
-
Customers are advised to refer to KB4025218 for more information pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB4025218
-
Microsoft Security Update for Windows XP and Windows Server 2003 Missing - June 2017 (KB4024323)
- Severity
- Urgent 5
- Qualys ID
- 91387
- Vendor Reference
- KB4024323
- CVE Reference
- CVE-2017-8461
- CVSS Scores
- Base 6.9 / Temporal 5.4
- Description
-
A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled.
QID Detection Logic (Authenticated):
Operating Systems: Windows XP Embedded, Windows Server 2003
For x86 targets this QID checks for the file version of %windir%\System32\Rasctrs.dll less than 5.1.2600.7272.
For x64 targets this QID checks for the file version of %windir%\System32\Rasctrs.dll less than 5.2.3790.6099. - Consequence
- An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Solution
-
Customers are advised to refer to KB4024323 for more information pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB4024323
-
Microsoft Security Update for Windows XP and Windows Server 2003 Missing - June 2017 (KB4022747)
- Severity
- Critical 4
- Qualys ID
- 91386
- Vendor Reference
- KB4022747
- CVE Reference
- CVE-2017-0176
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
A remote code execution vulnerability exists in Remote Desktop Protocol (RDP) if the RDP server has Smart Card authentication enabled.
QID Detection Logic (Authenticated):
Operating Systems: Windows XP Embedded, Windows Server 2003
For Windows XP QID checks for the file version of %windir%\System32\Gpkcsp.dll less than 5.1.2600.7264
For Windows 2003 this QID checks for the file version of %windir%\System32\Gpkcsp.dll less than 5.2.3790.6093 - Consequence
- An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Solution
-
Customers are advised to refer to KB4022747 for more information pertaining to this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
KB4022747
These new vulnerability checks are included in Qualys vulnerability signature 2.4.62-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 100313
- 110299
- 91385
- 91384
- 91383
- 10031
- 91388
- 91387
- 91386
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.