Two vulnerabilities in Microsoft Windows

Published: 2017-09-12 22:55:52 | Updated: 2017-09-12 23:00:13
Severity Low
Patch available YES
Number of vulnerabilities 2
CVSSv2 5.3 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.4 (AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
CVSSv3 7.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
4.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE ID CVE-2017-8702
CVE-2017-8716
CWE ID CWE-20
CWE-264
Exploitation vector Local
Public exploit Not available
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 10
Windows Server 2016
Vendor URL Microsoft
Advisory type Public

Security Advisory

1) Privilege escalation

Description

The disclosed vulnerability allows a local user to escalate privileges on the system.

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. A local user can execute arbitrary code on the target system with elevated privileges.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8702

2) Security restrictions bypass

Description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The vulnerability exists due to mishandling of objects in memory by Windows Control Flow Guard. A local attacker can run a specially crafted application and bypass security restrictions.

Remediation

Install update from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8716

Back to List