Overview:

The Microsoft has re-released a patch for CVE-2017-8529 to fix a print issue related to this vulnerability. The patch is not fully applied unless certain registry keys are set even after installing the respective Operating System patches. This article describes the steps to update registry settings to be fully protected from this vulnerability. 


Affected OS: All supported Microsoft Windows except Windows 10 1709 and Windows 10 1803


Solution : 

1. Install the patches recommended in the Microsoft advisory CVE-2017-8529

2. Create the following registry entries

Registry Changes,

For 32-bit and 64-bit systems:

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\
  3. Right-click FeatureControl, point to New, and then click Key.
  4. Type FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, and then press Enter to name the new subkey.
  5. Right-click FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, point to New, and then click DWORD Value.
  6. Type “iexplore.exe” for the new DWORD value.
  7. Double-click the new DWORD value named iexplore.exe and change the Value data field to 1.
  8. Click OK to close.

 

For 64-bit systems only:

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\
  3. Right-click FeatureControl, point to New, and then click Key.
  4. Type FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, and then press Enter to name the new subkey.
  5. Right-click FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, point to New, and then click DWORD Value.
  6. Type “iexplore.exe” for the new DWORD value.
  7. Double-click the new DWORD value named iexplore.exe and change the Value data field to 1.
  8. Click OK to close

Please refer below image for registry changes.


Automate Patching with Saner:

Saner can automate the above patching across the organization with ease. Click here to explore patching steps using Saner.


Saner Personal Users:

Follow the below steps to fully patch this vulnerability.
1. Download the sp_cve-2017-8529_print_info_dis_reg_fix.zip zip file and unzip to get sp_cve-2017-8529_print_info_dis_reg_fix.exe
2. Open the cmd.exe as an ‘administrator’
3. Go the path where sp_cve-2017-8529_print_info_dis_reg_fix.exe is extracted
4. Run the below command with “/S” silent option to fully patch this vulnerability.
C:\>sp_cve-2017-8529_print_info_dis_reg_fix.exe /S

These steps will resolve this vulnerability completely. Saner will stop reporting about this vulnerability from the next manual or scheduled scan.


References:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8529


Summary
Article Name
How to Fully Fix CVE-2017-8529, Microsoft Browser Information Disclosure Vulnerability
Author
Publisher Name
SecPod Technologies
Publisher Logo
Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>