vulnerability

Microsoft CVE-2019-1362: Win32k Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Oct 8, 2019	Oct 8, 2019	Nov 13, 2019

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Oct 8, 2019

Added

Oct 8, 2019

Modified

Nov 13, 2019

Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

Solutions

msft-kb4520003-0d1c5f85-509f-4142-baa9-c9a7d22386f8msft-kb4520003-4177c40d-e502-4e6c-9b95-6162fba1cec3msft-kb4520003-a99aef55-9e6d-4c41-8f5b-d84b383a4f3amsft-kb4520003-ba350f9c-c29f-4b6c-b51b-e3b7b3173be3msft-kb4520003-eb2b689a-dab5-479f-a051-dd4ee86b98efmsft-kb4520003-f6315128-ecc0-4bc5-a152-c9383a644a56msft-kb4520009-6f2b0614-8c8a-474c-b9d5-9f1ab035f1fbmsft-kb4520009-7c787b1f-05ba-4516-a24c-617da56d1405msft-kb4520009-e97e00d7-47d2-4016-a5c1-bbe896a46d6f

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today