Privilege escalation in Microsoft Windows Win32k.sys driver

Published: 2019-03-12 21:50:48 | Updated: 2019-03-12
Severity Medium
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2019-0797
Exploitation vector Local
Public exploit This vulnerability is being exploited in the wild.
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 10
Windows RT 8.1

Show more

Windows Server 2012
Windows Server 2012 R2
Windows Server 2016

Show more

Vendor URL Microsoft

Security Advisory

1) Memory corruption


The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Win32k.sys driver. A local user can execute a specially crafted application, trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Install updates from vendor's website.

External links

Back to List