Intrusion PreventionMS.Windows.ITS.Protocol.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Microsoft Windows ITS protocol.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted response. A remote attacker may be able to exploit this to disclose information from the target system by tricking the user to send a HTTP request to the attacker.
Affected Products
Microsoft Windows 10 version 1709 (64-bits)
Microsoft Windows 10 version 1709 (32-bits)
Microsoft Windows 10 version 1703 (64-bit)
Microsoft Windows 10 version 1703 (32-bit)
Microsoft Windows 10 for 32-bit Systems
Microsoft Windows Windows 7 for x64-based Systems Service Pack 1
Microsoft Windows Windows 7 for 32-bit Systems Service Pack 1
Microsoft Windows 8.1 for x64-based Systems
Microsoft Windows 8.1 for 32-bit Systems
Microsoft Windows RT 8.1
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 10 Version 1607 for 32-bit Systems
Microsoft Windows 10 Version 1511 for x64-based Systems
Microsoft Windows 10 Version 1511 for 32-bit Systems
Microsoft Windows 10 for x64-based Systems
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2 (Server Core)
Microsoft Windows Server 2012 (Server Core)
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11927
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 45357 |
| Created | Jan 10, 2018 |
| Updated | Nov 03, 2021 |
| Risk |
|
| CVE ID | CVE-2017-11927 |
| Exploit Prediction Score | 3.58% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |