CVE-2017-0022
Microsoft XML Core Services Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
18.1%
p97
KEV
YES
May 24, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
18.1%EPSS · 30 days18.1%
2026-06-302026-07-16
Product
Microsoft / XML Core Services
Vulnerability
Microsoft XML Core Services Information Disclosure Vulnerability
Added to KEV
May 24, 2022
Remediate by
Jun 14, 2022
Known ransomware use
No
Summary description
Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0022
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2012-1889—99.7%
KEV—80Microsoft XML Core Services Memory Corruption Vulnerability—