Microsoft CVE-2019-1169: Win32k Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.
Solution(s)
- msft-kb4512486-16bba1d9-7035-4243-b78b-cea3df5096b6
- msft-kb4512486-2d01b298-6879-4d30-8a68-e872592d343e
- msft-kb4512486-437934f0-2915-4e74-b1cc-04921ce3aef1
- msft-kb4512486-cb62a71d-be6d-491e-9e4d-046e3dff67e9
- msft-kb4512486-d6348d13-661b-4391-b03d-77cbf3143cd2
- msft-kb4512486-fc466b63-7e33-42b7-8bfe-72335a76bb07
- msft-kb4512491-08cff48b-50a6-45e0-80f9-1e9c166f5ebd
- msft-kb4512491-ba106612-9217-4c05-84e3-bf93da04241b
- msft-kb4512491-d0f0c55e-5ea3-418c-a858-82f582466388
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center