Medium severity4.7NVD Advisory· Published Jun 15, 2017· Updated May 13, 2026

CVE-2017-8553

Description

An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".

Affected products

Microsoft/Windows 8.1
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*
Microsoft/Windows Rt 8.1
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Microsoft/Windows Server 20083 versions
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
Microsoft/Windows Server 20122 versions
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 2016
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Microsoft Corporation/Windows kernelv5
Range: Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8553nvdPatchVendor Advisory
www.securityfocus.com/bid/98940nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038662nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.306
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000