Elevation of Privilege Vulnerability in Microsoft Windows Kernel
CVE-2017-8561

7HIGH

Key Information:

Vendor: Microsoft
Status: Windows Kernel In Microsoft Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016
Vendor: CVE Published:; 11 July 2017

Summary

The vulnerability in the Windows kernel allows attackers to elevate their privileges by leveraging the improper handling of objects in memory. This flaw affects multiple versions of Microsoft Windows, including specific editions of Windows 10 and Windows Server. Attackers exploiting this vulnerability could gain unauthorized access to system resources and execute arbitrary code with higher privileges. To mitigate risk, it is crucial for users to apply the latest security patches provided by Microsoft and follow best practices for system security.

Affected Version(s)

Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Windows kernel

References

https://portal.msrc.microsoft.com/en-us/security-guidance...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/99426

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 11, 2017
Vulnerability Reserved
May 3, 2017