3876 matches found
CVE-2017-0263
The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of...
CVE-2017-0259
CVE-2017-0259 is a Windows kernel local information-disclosure vulnerability affecting Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. A specially crafted document can cause leakage of sensitive information via the kernel. Public e...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06617)
Microsoft Windows is the popular computer operating system. In some versions of Windows, the Windows kernel does not properly initialize memory objects, and a local information disclosure vulnerability exists in the implementation, allowing an attacker to obtain user system information...
Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2017-06619)
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited allows an attacker to run arbitrary code in kernel mode...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06610)
Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...
Microsoft Windows Kernel 'Win32k.sys' Local Elevation of Privilege Vulnerability
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited allows an attacker to run processes with elevated privileges...
Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2017-06616)
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited, could allow an attacker to execute arbitrary code and denial of servic...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06614)
Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...
Microsoft Windows Monthly Rollup (KB4019214)
This host is missing a critical security update monthly rollup according to microsoft KB4019214 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Plugs Three Zero Day Holes as Part of May Patch Tuesday
Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release. Researchers with FireEye who uncovered the three vulnerabilities said the bugs were actively being exploited by threat actors Turla and APT28. Two of the zero day vulnerabilities...
May 9, 2017—KB4019474 (OS Build 10240.17394)
May 9, 2017—KB4019474 OS Build 10240.17394 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where Windows Event Forwarding between two 2012 R2 servers makes reports...
Security update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017
Security update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017 Summary An information disclosure vulnerability exists when the Windows kernel handles objects in memory incorrectly. An attacker who successfully exploited this vulnerability could...
Security Update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017
Security Update for the Windows Kernel Information Disclosure Vulnerability in Windows Server 2008: May 9, 2017 Summary An information disclosure vulnerability exists when the Windows kernel handles objects in memory incorrectly. An attacker who successfully exploits this vulnerability could obta...
VulnCheck KEV: CVE-2017-0263
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...
Windows 7 and Windows Server 2008 R2 May 2017 Security Updates
The remote Windows host is missing security update 4019263 or cumulative update 4019264. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the Windows DNS server when it's configured to answer version queries. An unauthenticated, remote attacke...
Windows Kernel win32k.sys multiple bugs in the NtGdiGetDIBitsInternal system call (CVE-2017-0058)
We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure bug 1 or denial of service bug 1 and 2. Under certain...
Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)
We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k! NtUserPaintMenuBar system call, or more specifically, through the user32! fnINLPUAHDRAWMENUITEM user-mode callback 107 on Windows...
Microsoft Windows Kernel 'Win32k.sys' Local Information Disclosure Vulnerability
Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in Microsoft Windows win32k Failure to Properly Provide Kernel Information, which can be exploited by an attacker to obtain sensitive information...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-05766)
Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in the Microsoft Windows kernel that does not properly handle memory objects, which can be exploited by an attacker to obtain sensitive information...
Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call
Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in...