vulnerability

Microsoft CVE-2019-1169: Win32k Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Aug 13, 2019	Aug 13, 2019	Aug 23, 2019

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Aug 13, 2019

Added

Aug 13, 2019

Modified

Aug 23, 2019

Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

Solution(s)

msft-kb4512486-16bba1d9-7035-4243-b78b-cea3df5096b6msft-kb4512486-2d01b298-6879-4d30-8a68-e872592d343emsft-kb4512486-437934f0-2915-4e74-b1cc-04921ce3aef1msft-kb4512486-cb62a71d-be6d-491e-9e4d-046e3dff67e9msft-kb4512486-d6348d13-661b-4391-b03d-77cbf3143cd2msft-kb4512486-fc466b63-7e33-42b7-8bfe-72335a76bb07msft-kb4512491-08cff48b-50a6-45e0-80f9-1e9c166f5ebdmsft-kb4512491-ba106612-9217-4c05-84e3-bf93da04241bmsft-kb4512491-d0f0c55e-5ea3-418c-a858-82f582466388

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today