Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06614)

Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...

Microsoft Windows Kernel 'Win32k.sys' Local Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited allows an attacker to run processes with elevated privileges...

Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2017-06616)

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited, could allow an attacker to execute arbitrary code and denial of servic...

Microsoft Windows Monthly Rollup (KB4019214)

This host is missing a critical security update monthly rollup according to microsoft KB4019214 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Plugs Three Zero Day Holes as Part of May Patch Tuesday

Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release. Researchers with FireEye who uncovered the three vulnerabilities said the bugs were actively being exploited by threat actors Turla and APT28. Two of the zero day vulnerabilities...

Security update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017

Security update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017 Summary An information disclosure vulnerability exists when the Windows kernel handles objects in memory incorrectly. An attacker who successfully exploited this vulnerability could...

Security Update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017

Security Update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017 Summary An information disclosure vulnerability exists when the Windows kernel handles objects in memory incorrectly. An attacker who successfully exploits this vulnerability could obta...

May 9, 2017—KB4019474 (OS Build 10240.17394)

May 9, 2017—KB4019474 OS Build 10240.17394 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where Windows Event Forwarding between two 2012 R2 servers makes reports...

VulnCheck KEV: CVE-2017-0263

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...

Windows 7 and Windows Server 2008 R2 May 2017 Security Updates

The remote Windows host is missing security update 4019263 or cumulative update 4019264. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the Windows DNS server when it's configured to answer version queries. An unauthenticated, remote attacke...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-05766)

Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in the Microsoft Windows kernel that does not properly handle memory objects, which can be exploited by an attacker to obtain sensitive information...

Windows Kernel win32k.sys multiple bugs in the NtGdiGetDIBitsInternal system call (CVE-2017-0058)

We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure bug 1 or denial of service bug 1 and 2. Under certain...

Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)

We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k! NtUserPaintMenuBar system call, or more specifically, through the user32! fnINLPUAHDRAWMENUITEM user-mode callback 107 on Windows...

Microsoft Windows Kernel 'Win32k.sys' Local Information Disclosure Vulnerability

Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in Microsoft Windows win32k Failure to Properly Provide Kernel Information, which can be exploited by an attacker to obtain sensitive information...

Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool...

Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1192 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k!NtUserPaintMenuBar system call, or more specifically,...

Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call

Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in...

Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call Exploi

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows...

Microsoft Windows Multiple Vulnerabilities (KB4015217)

This host is missing an important security update according to Microsoft Security update KB4015217. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2017-0167

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further...