Windows 10 / Windows Server 2016 September 2017 Information Disclosure Vulnerability (CVE-2017-8529)

Sathishkumar Singh 61 Reputation points
2020-09-30T08:16:54.937+00:00

Hello Team
We are getting the below Vulnerability in Windows server 2016 , and all the latest CU has been installed on these server .
Even then we are getting below Vulnerability in our Nessus Report . Can you please let me know the fix or KB to be installed to fix this issue ?
29373-image-2020-09-29t07-14-53-329z.png

29300-windows-server-2016.png

Sathishkumar Singh

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,764 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Joy Qiao 4,766 Reputation points Microsoft Employee
    2020-10-01T05:54:25.907+00:00

    Hi,

    In the official article CVE-2017-8529 | Microsoft Browser Information Disclosure Vulnerability states, the fix update is KB4038782 for Windows Server 2016, KB4038788 for Windows 10 version 1703, KB4038783 for Windows 10 version 1511.

    But as you said you have update to the latest, so there is no need to install those packages manually as they have been replaced by those updates released later.

    After installed those update package, we also need to make modification on registry. Please refer that CVE-2017-8529 link and check FAQ part for details.

    Bests,

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    No comments