Microsoft CVE-2018-0977: Win32k Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.
Solution(s)
- msft-kb4088776-2c72e703-9c4c-4146-9e32-cc4386b2cfb2
- msft-kb4088776-3b3e0295-642a-4b7d-84b7-c6b5e83f5ca2
- msft-kb4088776-786afab9-c31a-475e-8a16-67957d2e609d
- msft-kb4088779-48dd1136-48ee-44c7-a573-868521eccff4
- msft-kb4088779-c19a8868-ac70-44b1-9b6f-2d4dc02cf9ba
- msft-kb4088782-4c26f4d6-719a-484d-b39e-e05f7b8f92b0
- msft-kb4088782-f6e16c94-5afc-4df9-9970-2d4ca233b263
- msft-kb4088786-beebacd8-b2b4-4dd0-94b4-9e3d6252b7f0
- msft-kb4088786-d8280f8b-2c0a-4543-99a8-8e72f83c84dd
- msft-kb4088787-5dc25e3e-31b9-4ac7-b1b7-a62a9821390d
- msft-kb4088787-b28a900c-61a0-4362-8df4-e1ecc7caa389
- msft-kb4088787-c4fe9ff8-acd4-405b-91b5-334daf81ae00
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center