Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0026: Win32k Elevation of Privilege Vulnerability

Severity: 7
CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 03/14/2017
Created: 07/25/2018
Added: 03/14/2017
Modified: 11/18/2021

Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

Solution(s)

  • msft-kb4012606-384d5679-3c34-433f-8564-66fc5136a5e9
  • msft-kb4012606-6a38fe85-98ba-4ce2-b4eb-aed947d5c203
  • msft-kb4013198-477b54b9-913d-4c4e-8da8-01e0b4cf15ce
  • msft-kb4013198-6d9f75f7-d998-4188-a935-7603f4e51a4d
  • msft-kb4013429-724ee219-b949-4d44-9e02-e464c6062ae4
  • msft-kb4013429-74b1fe65-bd6b-4b76-a624-8674748898f2
  • msft-kb4013429-e29d1b22-493d-44dd-8857-7c6c7cb6d84c
