Microsoft Windows Kernel CVE-2018-0982 Local Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability.

A local attacker can exploit this issue to gain elevated privileges.

Information

Bugtraq ID: 104382
Class: Design Error
CVE: CVE-2018-0982

Remote: No
Local: Yes
Published: Jun 12 2018 12:00AM
Updated: Jun 15 2018 09:00AM
Credit: James Forshaw of Google Project Zero
Vulnerable: Microsoft Windows Server 2016 0
Microsoft Windows Server 1803 0
Microsoft Windows Server 1709 0
Microsoft Windows 10 Version 1803 for x64-based Systems 0
Microsoft Windows 10 Version 1803 for 32-bit Systems 0
Microsoft Windows 10 version 1709 for x64-based Systems 0
Microsoft Windows 10 version 1709 for 32-bit Systems 0
Microsoft Windows 10 version 1703 for x64-based Systems 0
Microsoft Windows 10 version 1703 for 32-bit Systems 0
Microsoft Windows 10 Version 1607 for x64-based Systems 0
Microsoft Windows 10 Version 1607 for 32-bit Systems 0

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• Microsoft Homepage (Microsoft)
  
• Microsoft Windows Homepage (Microsoft )
  
• CVE-2018-0982 | Windows Elevation of Privilege Vulnerability (Microsoft)
  
• Microsoft Windows 10 - Child Process Restriction Mitigation Bypass (Exploit DB)
  

Source: www.securityfocus.com