Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-8475: Windows Kernel Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-8475: Windows Kernel Information Disclosure Vulnerability

Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
06/13/2017
Created
07/25/2018
Added
06/13/2017
Modified
09/11/2024

Description

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8477, and CVE-2017-8484.

Solution(s)

  • microsoft-windows-windows_10-1507-kb4022727
  • microsoft-windows-windows_10-1511-kb4022714
  • microsoft-windows-windows_10-1607-kb4022715
  • microsoft-windows-windows_10-1703-kb4022725
  • microsoft-windows-windows_server_2012-kb4022718
  • microsoft-windows-windows_server_2012_r2-kb4022717
  • microsoft-windows-windows_server_2016-1607-kb4022715
  • msft-kb4022717-1d805e7c-215a-4c96-8b39-3829bd2e02d0
  • msft-kb4022717-6abad12a-fc3f-4352-81f7-453e305f13ed
  • msft-kb4022718-185fb91c-8006-4eeb-81f1-611113a80509
  • msft-kb4022718-5cc34e54-998c-4120-ba8a-d528309738f8
  • msft-kb4022722-0fff3ada-3205-441e-9f7f-f9e0198a32ce
  • msft-kb4022722-4182f860-3205-4b8d-bf9d-4b0b93f34adc
  • msft-kb4022722-61851a6d-1717-4861-801a-461e772cb312
  • msft-kb4022722-65224535-330e-42bd-8e35-824c878ec11a
  • msft-kb4022722-657cd92e-a4a3-4319-a954-52bedeef4cfc
  • msft-kb4022722-e181eaef-054e-4b52-a00f-503b91461f68
  • msft-kb4022887-0ce6f532-cf10-430b-95a7-35a92a0759dd
  • msft-kb4022887-43e87341-5dc4-4f2a-ab5a-8a2109d1f4bf
  • msft-kb4022887-5bd158e3-1e60-4842-ade9-f495820e4033
  • msft-kb4022887-68036196-581a-4918-80b0-9b81cef6f44d

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;