CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.2%
Windows elevation of privilege vulnerabilities exist in the following scenarios:
When Windows incorrectly handles calls to Win32k.sys.
When the Win32k component does not correctly handle objects in memory.
When the Windows kernel mode driver does not correctly handle objects in memory.
To learn more about these vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).
Method 1: Windows UpdateThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.Method 2: Microsoft Update CatalogTo get the standalone package for this update, go to the Microsoft Update Catalog website.ImportantIf you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
Security update deployment informationFor deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: December 11, 2018
File hash information
Windows XP file information
For all supported x86-based versionsFile name | File version | File size | Date | Time | Platform |
---|---|---|---|---|---|
Win32k.sys | 5.1.2600.7610 | 1,914,240 | 13-Nov-2018 | 05:28 | x86 |
Updspapi.dll | 6.3.13.0 | 382,840 | 01-Feb-2018 | 21:28 | x86 |
Help for installing updates: Protect yourself online
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.2%