Microsoft CVE-2017-8468: Win32k Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.
Solution(s)
- msft-kb4022714-63569ab7-c77a-4436-a691-ad182bf54b54
- msft-kb4022714-a6c6864b-39ee-4a25-8c19-fdf5df77f49c
- msft-kb4022715-5628b4c3-1451-4233-a111-f48f4eecac09
- msft-kb4022715-8436b0ac-13c3-4047-9c60-e1fdba6cf918
- msft-kb4022715-96c2ded2-ca08-466e-8d52-1f28a54d49d5
- msft-kb4022717-1d805e7c-215a-4c96-8b39-3829bd2e02d0
- msft-kb4022717-6abad12a-fc3f-4352-81f7-453e305f13ed
- msft-kb4022717-7b6c010d-36ea-4bb4-9d06-9e44c1235690
- msft-kb4022727-378b3f68-8c1f-410f-b1ed-46c1608edf57
- msft-kb4022727-7da82164-b5fd-4735-b187-087b2f0fd24f
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center