Rapid7

vulnerability

Microsoft Windows: CVE-2017-8477: Windows Kernel Information Disclosure Vulnerability

Try Surface Command
Back to search
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
Jun 13, 2017
Added
Jun 13, 2017
Modified
Sep 5, 2025

Description

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, and CVE-2017-8484.

Solutions

microsoft-windows-windows_10-1507-kb4022727microsoft-windows-windows_10-1511-kb4022714microsoft-windows-windows_10-1607-kb4022715microsoft-windows-windows_10-1703-kb4022725microsoft-windows-windows_server_2012-kb4022718microsoft-windows-windows_server_2012_r2-kb4022717microsoft-windows-windows_server_2016-1607-kb4022715msft-kb4022717-1d805e7c-215a-4c96-8b39-3829bd2e02d0msft-kb4022717-6abad12a-fc3f-4352-81f7-453e305f13edmsft-kb4022718-185fb91c-8006-4eeb-81f1-611113a80509msft-kb4022718-5cc34e54-998c-4120-ba8a-d528309738f8msft-kb4022722-0fff3ada-3205-441e-9f7f-f9e0198a32cemsft-kb4022722-4182f860-3205-4b8d-bf9d-4b0b93f34adcmsft-kb4022722-61851a6d-1717-4861-801a-461e772cb312msft-kb4022722-65224535-330e-42bd-8e35-824c878ec11amsft-kb4022722-657cd92e-a4a3-4319-a954-52bedeef4cfcmsft-kb4022722-e181eaef-054e-4b52-a00f-503b91461f68msft-kb4022887-0ce6f532-cf10-430b-95a7-35a92a0759ddmsft-kb4022887-43e87341-5dc4-4f2a-ab5a-8a2109d1f4bfmsft-kb4022887-5bd158e3-1e60-4842-ade9-f495820e4033msft-kb4022887-68036196-581a-4918-80b0-9b81cef6f44d

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report