Microsoft Windows Kernel 'Win32k.sys' CVE-2017-0188 Local Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability.

A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.

Information

Bugtraq ID: 97475
Class: Design Error
CVE: CVE-2017-0188

Remote: No
Local: Yes
Published: Apr 11 2017 12:00AM
Updated: Apr 12 2017 12:03AM
Credit: pgboy and zhong_sf of Qihoo 360 Vulcan Team.
Vulnerable: Microsoft Windows Server 2016 0
Microsoft Windows Server 2012 R2 0
Microsoft Windows Server 2012 0
Microsoft Windows RT 8.1
Microsoft Windows 8.1 for x64-based Systems 0
Microsoft Windows 8.1 for 32-bit Systems 0
Microsoft Windows 10 version 1703 for x64-based Systems 0
Microsoft Windows 10 version 1703 for 32-bit Systems 0
Microsoft Windows 10 Version 1607 for x64-based Systems 0
Microsoft Windows 10 Version 1607 for 32-bit Systems 0
Microsoft Windows 10 version 1511 for x64-based Systems 0
Microsoft Windows 10 version 1511 for 32-bit Systems 0
Microsoft Windows 10 for x64-based Systems 0
Microsoft Windows 10 for 32-bit Systems 0

Not Vulnerable:

References:

• Microsoft Homepage (Microsoft)
  
• CVE-2017-0188 | Win32k Information Disclosure Vulnerability (Microsoft)
  

Source: www.securityfocus.com