Privilege escalation in Microsoft Windows Win32k

Published: 2018-08-14 22:19:03
Severity Low
Patch available YES
Number of vulnerabilities 2
CVE ID CVE-2018-8404
CVE-2018-8399
CVSSv3 7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Local
Public exploit N/A
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 7
Windows 10
Windows Server 2012
Windows Server 2012 R2
Windows Server 2008 R2
Windows Server 2016
Vendor URL Microsoft

Security Advisory

1) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper handling of objects in memory by the Win32k component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code in kernel mode.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8404

2) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper handling of objects in memory by the Win32k component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code in kernel mode.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8399

Back to List