CVE-2017-0064
medium
CVSS v3
6.5
VIR risk
6.5
Description
A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability."
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Source: Microsoft Security Response Center · View original ↗ · proprietary-no-redistribution
Full prose not cached — VIR stores only structured fields (affected/fixed versions, references) for this source. Click "View original" above for the vendor's full advisory.
Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | Microsoft Forefront Security for SharePoint Service Pack 3 | |
| microsoft | Microsoft Security Essentials | |
| microsoft | Microsoft Office for Mac 2011 | |
| microsoft | Microsoft PowerPoint for Mac 2011 | |
| microsoft | Windows 7 for 32-bit Systems Service Pack 1 | |
| microsoft | Windows 7 for x64-based Systems Service Pack 1 | |
| microsoft | Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | |
| microsoft | Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | |
| microsoft | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | |
| microsoft | Microsoft Office 2007 Service Pack 3 | |
| microsoft | Microsoft Word 2007 Service Pack 3 | |
| microsoft | Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | |
| microsoft | Microsoft Forefront Endpoint Protection | |
| microsoft | Windows Intune Endpoint Protection | |
| microsoft | Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 | |
| microsoft | Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 | |
| microsoft | Windows Server 2012 | |
| microsoft | Windows Server 2012 (Server Core installation) | |
| microsoft | Adobe Flash Player on Windows Server 2012 | |
| microsoft | Adobe Flash Player on Windows 8.1 for 32-bit systems | |
| microsoft | Adobe Flash Player on Windows 8.1 for x64-based systems | |
| microsoft | Adobe Flash Player on Windows Server 2012 R2 | |
| microsoft | Adobe Flash Player on Windows RT 8.1 | |
| microsoft | Adobe Flash Player on Windows 10 for 32-bit Systems | |
| microsoft | Adobe Flash Player on Windows 10 for x64-based Systems | |
| microsoft | Adobe Flash Player on Windows 10 Version 1511 for x64-based Systems | |
| microsoft | Adobe Flash Player on Windows 10 Version 1511 for 32-bit Systems | |
| microsoft | Adobe Flash Player on Windows Server 2016 | |
| microsoft | Adobe Flash Player on Windows 10 Version 1607 for 32-bit Systems | |
| microsoft | Adobe Flash Player on Windows 10 Version 1607 for x64-based Systems | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| microsoft | internet_explorer | 9 | |
| microsoft | internet_explorer | 10 | |
| microsoft | internet_explorer | 11 | |
References
- http://www.securityfocus.com/bid/98121
- http://www.securitytracker.com/id/1038447
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0064
- http://www.securityfocus.com/bid/98121
- http://www.securitytracker.com/id/1038447
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0064
💬 Discuss CVE-2017-0064 on VIR Community →
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.