Description
Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges.
Below is a complete list of vulnerabilities:
- An improper handling of objects in memory can be exploited locally via a specially designed application to gain privileges;
- Multiple vulnerabilities related to an improper handling of memory addresses can be exploited locally via a specially designed application to obtain sensitive information;
- Multiple vulnerabilities related to an incorrect handling of objects in memory done by the Windows kernel-mode driver can be exploited locally via a specially designed application to gain privileges;
- Multiple vulnerabilities related to an improper initialization of objects in memory can be exploited locally via a specialy designed application to obtain sensitive information;
- An improper handling of objects in memory related to proper enforcement of VTLs (virtual trust levels) can be exploited locally via a specially designed application to gain privileges.
Technical details
Vulnerabilities (2) occur in case the Windows kernel fails to initialize a memory adress in a proper way and can cause security bypass called KASLR (Kernel Address Space Layout Randomization) bypass.
NB: Not every vulnerability already have CVSS rating so cumulative CVSS rating can be not representative.
Original advisories
- CVE-2017-8479
- CVE-2017-8474
- CVE-2017-8476
- CVE-2017-8477
- CVE-2017-0300
- CVE-2017-8481
- CVE-2017-8480
- CVE-2017-8482
- CVE-2017-8485
- CVE-2017-8484
- CVE-2017-8489
- CVE-2017-0299
- CVE-2017-0297
- CVE-2017-8469
- CVE-2017-8468
- CVE-2017-8465
- CVE-2017-8462
- CVE-2017-8494
- CVE-2017-8492
- CVE-2017-8490
- CVE-2017-8491
- CVE-2017-8479
- CVE-2017-0299
- CVE-2017-8485
- CVE-2017-8478
- CVE-2017-8476
- CVE-2017-8494
- CVE-2017-8480
- CVE-2017-8489
- CVE-2017-0300
- CVE-2017-8491
- CVE-2017-8477
- CVE-2017-8462
- CVE-2017-8482
- CVE-2017-8492
- CVE-2017-8490
- CVE-2017-8484
- CVE-2017-8481
- CVE-2017-8468
- CVE-2017-8469
- CVE-2017-8474
- CVE-2017-8465
- CVE-2017-0297
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
CVE list
- CVE-2017-8479 warning
- CVE-2017-0299 warning
- CVE-2017-8485 warning
- CVE-2017-8478 warning
- CVE-2017-8476 warning
- CVE-2017-8494 high
- CVE-2017-8480 warning
- CVE-2017-8489 warning
- CVE-2017-0300 warning
- CVE-2017-8491 warning
- CVE-2017-8477 warning
- CVE-2017-8462 warning
- CVE-2017-8482 warning
- CVE-2017-8492 warning
- CVE-2017-8490 warning
- CVE-2017-8484 warning
- CVE-2017-8481 warning
- CVE-2017-8468 high
- CVE-2017-8469 warning
- CVE-2017-8474 warning
- CVE-2017-8465 high
- CVE-2017-0297 warning
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com