AnsweredAssumed Answered

Issues with CVE-2017-8564 (Microsoft Windows Security Update July 2017)

Question asked by Daniel Larke on Dec 5, 2017
Latest reply on Dec 5, 2017 by DMFezzaReed

I have Microsoft Windows Security Update July 2017 popping up on my scan on a couple servers. The servers are fully patched. I have downloaded the July security patch by hand. When I run the patch, a pop up saying "This update is not applicable to your computer." The server is Windows 2012 R2. These servers are domain controllers.

 

I checked the reg entries. LanmanNT is the entry in the reg from the RESULTS. I was thinking about deleting this entry and rerun the patch.

 

Thanks.

 


Below is the message from the Qualy report.

 

Reference: CVE-2017-8564

Description: Microsoft Windows Kernel - 'IOCTL 0x120007 NsiGetParameter' nsiproxy/netio Pool Memory Disclosure - The Exploit-DB Ref : 42338

 

Link: http://www.exploit-db.com/exploits/42338

 

RESULTS
:HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions ProductType = LanmanNT
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters LdapEnforceChannelBinding is missing.
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters LdapEnforceChannelBinding is missing.

Outcomes