vulnerability
Microsoft Windows: CVE-2017-0188: Win32k Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Apr 11, 2017 | Apr 11, 2017 | Sep 5, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Apr 11, 2017
Added
Apr 11, 2017
Modified
Sep 5, 2025
Description
A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0189.
Solutions
microsoft-windows-windows_10-1507-kb4015221microsoft-windows-windows_10-1511-kb4015219microsoft-windows-windows_10-1607-kb4015217microsoft-windows-windows_10-1703-kb4015583microsoft-windows-windows_server_2012-kb4015548microsoft-windows-windows_server_2012_r2-kb4015547microsoft-windows-windows_server_2016-1607-kb4015217msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fddmsft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643amsft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802
References
- BID-97475
- CVE-2017-0188
- https://attackerkb.com/topics/CVE-2017-0188
- CWE-200
- https://support.microsoft.com/help/4015217
- https://support.microsoft.com/help/4015219
- https://support.microsoft.com/help/4015221
- https://support.microsoft.com/help/4015547
- https://support.microsoft.com/help/4015548
- https://support.microsoft.com/help/4015583
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.