Microsoft CVE-2019-1362: Win32k Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.
Solution(s)
- msft-kb4520003-0d1c5f85-509f-4142-baa9-c9a7d22386f8
- msft-kb4520003-4177c40d-e502-4e6c-9b95-6162fba1cec3
- msft-kb4520003-a99aef55-9e6d-4c41-8f5b-d84b383a4f3a
- msft-kb4520003-ba350f9c-c29f-4b6c-b51b-e3b7b3173be3
- msft-kb4520003-eb2b689a-dab5-479f-a051-dd4ee86b98ef
- msft-kb4520003-f6315128-ecc0-4bc5-a152-c9383a644a56
- msft-kb4520009-6f2b0614-8c8a-474c-b9d5-9f1ab035f1fb
- msft-kb4520009-7c787b1f-05ba-4516-a24c-617da56d1405
- msft-kb4520009-e97e00d7-47d2-4016-a5c1-bbe896a46d6f
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center