Lucene search
Symantec Security ResponseSMNTC-107331HistoryMar 12, 2019 - 12:00 a.m.
Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability
2019-03-1200:00:00
Symantec Security Response
www.symantec.com
89
0.001 Low
EPSS
Percentile
17.6%
Description
Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition.
Technologies Affected
- Microsoft Windows 7 for 32-bit Systems SP1
- Microsoft Windows 7 for x64-based Systems SP1
- Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
- Microsoft Windows Server 2008 R2 for x64-based Systems SP1
- Microsoft Windows Server 2008 for 32-bit Systems SP2
- Microsoft Windows Server 2008 for Itanium-based Systems SP2
- Microsoft Windows Server 2008 for x64-based Systems SP2
Recommendations
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.
Updates are available. Please see the references or vendor advisory for more information.
Related
metasploit
metasploit
Microsoft Windows NtUserMNDragOver Local Privilege Elevation
2020-04-30 09:19:46
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2019-03-12 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2019-0808)
2019-03-12 00:00:00
exploitpack
exploitpack
Microsoft Windows 72008 - Win32k Denial of Service (PoC)
2019-03-26 00:00:00
zdt
zdt
Microsoft Windows NtUserMNDragOver Local Privilege Escalation Exploit
2020-05-09 00:00:00
Microsoft Windows 7/2008 - Win32k Denial of Service Exploit
2019-03-27 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2021-11-03 00:00:00
packetstorm
packetstorm
Microsoft Windows NtUserMNDragOver Local Privilege Escalation
2020-05-08 00:00:00
exploitdb
exploitdb
Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)
2019-03-26 00:00:00
attackerkb
attackerkb
Win32k Elevation of Privilege Vulnerability
2019-04-09 00:00:00
CVE-2019-0797
2019-04-09 00:00:00
prion
prion
Privilege escalation
2019-04-09 03:29:00
Privilege escalation
2019-04-09 03:29:00
mskb
mskb
cve
cve
CVE-2019-0797
2019-04-09 03:29:00
CVE-2019-0808
2019-04-09 03:29:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2020-07-19 08:20:57
krebs
krebs
Patch Tuesday, March 2019 Edition
2019-03-13 04:55:28
thn
thn
Microsoft Releases Patches for 64 Flaws â Two Under Active Attack
2019-03-12 18:15:00
fireeye
fireeye
threatpost
threatpost
Nation-State Attacks Drop in Latest Google Analysis
2020-03-30 20:53:22
Microsoft Patches Two Win32k Bugs Under Active Attack
2019-03-12 21:52:31
myhack58
myhack58
securelist
securelist
IT threat evolution Q1 2019. Statistics
2019-05-23 10:00:53
googleprojectzero
googleprojectzero
Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019
2020-07-29 00:00:00
nessus
nessus
KB4489876: Windows Server 2008 March 2019 Security Update
2019-03-12 00:00:00
KB4489885: Windows 7 and Windows Server 2008 R2 March 2019 Security Update
2019-03-12 00:00:00
kaspersky
kaspersky
KLA11876 Multiple vulnerabiltiies in Microsoft Products (ESU)
2019-03-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4489878)
2019-03-13 00:00:00
talosblog
talosblog
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00