CVE-2017-8461 漏洞信息：Microsoft Security Update for Windows XP and Windows Server 2003 Missing - June 2017 (KB4024323)

漏洞类别：Windows

漏洞等级：

漏洞信息

A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled.

QID Detection Logic (Authenticated):
Operating Systems: Windows XP Embedded, Windows Server 2003
This QID checks for the file version of %windir%\System32\Rasctrs.dll less than 5.2.3790.6099

漏洞危害

An attacker who successfully exploited this vulnerability could execute code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

解决方案

Customers are advised to refer to KB4024323 for more information pertaining to this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

KB4024323

0daybank