Описание
Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory.
To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL).
The security update addresses the vulnerability by correcting how Windows handles objects in memory to properly enforce VTLs.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 for 32-bit Systems | ||
| Windows 10 for x64-based Systems | ||
| Windows 10 Version 1511 for x64-based Systems | ||
| Windows 10 Version 1511 for 32-bit Systems | ||
| Windows Server 2016 | ||
| Windows 10 Version 1607 for 32-bit Systems | ||
| Windows 10 Version 1607 for x64-based Systems | ||
| Windows Server 2016 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
7 High
CVSS3
Связанные уязвимости
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
EPSS
7 High
CVSS3