Endpoint Vulnerability

Microsoft Windows Information Disclosure Vulnerability

Description

An information disclosure vulnerability exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL. This could potentially result in the disclosure of sensitive information to a malicious site.

Affected Products

Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)

References

CVE-2017-11927,