KLA10984
Privilege escalation vulnerabilities in Windows kernel

Обновлено: 18/06/2020
Дата обнаружения
14/03/2017
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges.

Below is a complete list of vulnerabilities:

  1. An improper check of a buffer length (prior to copying memory to the buffer) can be exploited remotely to gain privileges;
  2. An incorrect permission enforcement done by Windows Kernel API can be exploited remotely via a specially designed application to gain privileges;
  3. An improper handling of objects in memory in Windows Transaction Manager can be exploited remotely via a specially designed application to gain privileges;
  4. An improper handling of registry objects in memory in Windows Kernel API can be exploited remotely via a specially designed application to gain privileges.

Technical details

Vulnerability (1) can be exploited only is malicious user has an access to the target system and have proper permissions to copy a file to a shared drive or folder.

Пораженные продукты

Windows Vista Service Pack 2
Windows 7 Service Pack 1
Windows 8.1
Windows RT
Windows 10
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
MS17-017
CVE-2017-0102
CVE-2017-0103
CVE-2017-0101
CVE-2017-0050
Оказываемое влияние
?
PE 
[?]
Связанные продукты
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Windows 10
CVE-IDS