Multiple vulnerabilities in Windows Kernel

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges.

Below is a complete list of vulnerabilities:

1. An improper handling of objects in memory can be exploited locally via a specially designed application to gain privileges;
2. Multiple vulnerabilities related to an improper handling of memory addresses can be exploited locally via a specially designed application to obtain sensitive information;
3. Multiple vulnerabilities related to an incorrect handling of objects in memory done by the Windows kernel-mode driver can be exploited locally via a specially designed application to gain privileges;
4. Multiple vulnerabilities related to an improper initialization of objects in memory can be exploited locally via a specialy designed application to obtain sensitive information;
5. An improper handling of objects in memory related to proper enforcement of VTLs (virtual trust levels) can be exploited locally via a specially designed application to gain privileges.

---

Technical details

Vulnerabilities (2) occur in case the Windows kernel fails to initialize a memory adress in a proper way and can cause security bypass called KASLR (Kernel Address Space Layout Randomization) bypass.

NB: Not every vulnerability already have CVSS rating so cumulative CVSS rating can be not representative.

Ursprüngliche Informationshinweise

• CVE-2017-8478

• CVE-2017-8479
• CVE-2017-8474
• CVE-2017-8476
• CVE-2017-8477
• CVE-2017-0300
• CVE-2017-8481
• CVE-2017-8480
• CVE-2017-8482
• CVE-2017-8485
• CVE-2017-8484
• CVE-2017-8489
• CVE-2017-0299
• CVE-2017-0297
• CVE-2017-8469
• CVE-2017-8468
• CVE-2017-8465
• CVE-2017-8462
• CVE-2017-8494
• CVE-2017-8492
• CVE-2017-8490
• CVE-2017-8491
• CVE-2017-8479
• CVE-2017-0299
• CVE-2017-8485
• CVE-2017-8478
• CVE-2017-8476
• CVE-2017-8494
• CVE-2017-8480
• CVE-2017-8489
• CVE-2017-0300
• CVE-2017-8491
• CVE-2017-8477
• CVE-2017-8462
• CVE-2017-8482
• CVE-2017-8492
• CVE-2017-8490
• CVE-2017-8484
• CVE-2017-8481
• CVE-2017-8468
• CVE-2017-8469
• CVE-2017-8474
• CVE-2017-8465
• CVE-2017-0297

CVE Liste

• CVE-2017-8479
  critical
• CVE-2017-0299
  critical
• CVE-2017-8485
  critical
• CVE-2017-8478
  critical
• CVE-2017-8476
  critical
• CVE-2017-8494
  critical
• CVE-2017-8480
  critical
• CVE-2017-8489
  critical
• CVE-2017-0300
  critical
• CVE-2017-8491
  critical
• CVE-2017-8477
  critical
• CVE-2017-8462
  critical
• CVE-2017-8482
  critical
• CVE-2017-8492
  critical
• CVE-2017-8490
  critical
• CVE-2017-8484
  critical
• CVE-2017-8481
  critical
• CVE-2017-8468
  critical
• CVE-2017-8469
  critical
• CVE-2017-8474
  critical
• CVE-2017-8465
  critical
• CVE-2017-0297
  critical

KB Liste

• 4022719
• 4022726
• 4022714
• 4022724
• 4022727
• 4022715
• 4022725
• 4022722
• 4022717
• 4022718
• 4022013
• 4022887
• 4034741

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com