CVE-2017-7327

Name of the Vulnerable Software and Affected Versions Yandex Browser versions prior to 17.4.1

Description The issue exists due to the lack of checks for loading paths of certain DLL files, including dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll, and profapi.dll. This can allow an attacker to execute arbitrary code.

Recommendations For versions prior to 17.4.1, update to version 17.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable DLL files until a patch is available.