Medium severity5.5NVD Advisory· Published Jun 15, 2017· Updated May 13, 2026

CVE-2017-8493

Description

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".

Affected products

Microsoft Corporation/Microsoft Windowsv5
Range: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016.
Microsoft/Windows 104 versions
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
Microsoft/Windows 8.1
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
Microsoft/Windows Rt 8.1
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Microsoft/Windows Server 2012
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 2016
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493nvdPatchVendor Advisory
www.securityfocus.com/bid/98850nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038671nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000