PT-2025-32790 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 11 affected versions not specified Description: Concurrent execution using a shared resource with improper synchronization a 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Th...

(Pwn2Own) Microsoft Windows vhdmp Driver Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the vhdmp.sys...

Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138) Exploit

Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=914 Windows: VHDMP Arbitrary File Creation EoP Platform: Windows 10 10586 and 14393. Unlikely to work on 7 or 8.1 as I think it’s new functionality Class: Elevation of...

Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138) Exploit

Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=916 Windows: VHDMP Arbitrary Physical Disk Cloning EoP Platform: Windows 10 10586. No idea about 14393, 7 or 8.1 versions. Class: Elevation of Privilege Summary: The VHDMP...

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138) Explo

Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=915 Windows: VHDMP ZwDeleteFile Arbitrary File Deletion EoP Platform: Windows 10 10586 and 14393. No idea about 7 or 8.1 versions. Class: Elevation of Privilege Summary: The...

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation MS16-138 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=915 Windows: VHDMP ZwDeleteFile Arbitrary File Deletion EoP Platform: Windows 10 10586 and 14393. No idea about 7 or 8.1 versions. Class...

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=915 Windows: VHDMP ZwDeleteFile Arbitrary File Deletion EoP Platform: Windows 10 10586 and 14393. No idea about 7 or 8.1 versions. Class: Elevation of Privilege Summary: The VHDMP driver doesn’t safely delete files leading to...

Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=916 Windows: VHDMP Arbitrary Physical Disk Cloning EoP Platform: Windows 10 10586. No idea about 14393, 7 or 8.1 versions. Class: Elevation of Privilege Summary: The VHDMP driver doesn’t open physical disk drives securely when...

Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=914 Windows: VHDMP Arbitrary File Creation EoP Platform: Windows 10 10586 and 14393. Unlikely to work on 7 or 8.1 as I think it’s new functionality Class: Elevation of Privilege Summary: The VHDMP driver doesn’t safely create fil...

Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138)

Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation MS16-138 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=916 Windows: VHDMP Arbitrary Physical Disk Cloning EoP Platform: Windows 10 10586. No idea about 14393, 7 or 8.1 versions. Class: Elevation o...

Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)

Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation MS16-138 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=914 Windows: VHDMP Arbitrary File Creation EoP Platform: Windows 10 10586 and 14393. Unlikely to work on 7 or 8.1 as I think it’s new functionality...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7224)

Multiple elevation of privilege vulnerabilities exist in the Windows VHDMP kernel driver. The vulnerability is due to the way driver fails to properly handle user access to certain files. An attacker can exploit this vulnerability by gaining access to the local system and executing a specially...

MS16-138: Security update to Microsoft virtual hard drive: November 8, 2016

Resolves a vulnerability in Windows in which an attacker could manipulate files in locations not intended to be available to the user.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The Windows VHDMP kernel driver improperly handles user access to certain files. An...