High severity7.0NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026

CVE-2017-0278

Description

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0279.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/Windows 10 19094 versions
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
Microsoft/Windows 7
cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
Microsoft/Windows 8.12 versions
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows Rt 8.12 versions
cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows Server 20082 versions
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
Microsoft/Windows Server 20122 versions
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 20162 versions
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows 10llm-fuzzy
Microsoft/Windows 7 SP1llm-fuzzy
Microsoft/Windows Server 2012 Gold and R2llm-fuzzy
Microsoft/Windows Server 2008 SP2 and R2 SP1llm-fuzzy
Microsoft Corporation/Microsoft Server Message Block 1.0v5
Range: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016.

Patches

Vulnerability mechanics

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0278nvdMitigationPatchVendor Advisory
www.securityfocus.com/bid/98271nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038430nvd
ics-cert.us-cert.gov/advisories/ICSMA-18-058-02nvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.009
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000