Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-97471
HistoryApr 11, 2017 - 12:00 a.m.

Microsoft Windows Graphics CVE-2017-0155 Local Privilege Escalation Vulnerability

2017-04-1100:00:00
Symantec Security Response
www.symantec.com
20

0.328 Low

EPSS

Percentile

97.1%

JSON

Description

Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges.

Technologies Affected

  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Vista Service Pack 2
  • Microsoft Windows Vista x64 Edition Service Pack 2

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

Updates are available. Please see the references or vendor advisory for more information.

Related

cve 1
checkpoint_advisories 1
prion 1
nvd 1
mscve 1
cvelist 1
zdi 1
mskb 3
openvas 2
nessus 2
kaspersky 2
cve
cve
CVE-2017-0155
2017-04-12 14:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Graphics Elevation of Privilege (CVE-2017-0155)
2017-04-11 00:00:00
prion
prion
Privilege escalation
2017-04-12 14:59:00
nvd
nvd
CVE-2017-0155
2017-04-12 14:59:00
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2017-04-11 07:00:00
cvelist
cvelist
CVE-2017-0155
2017-04-12 14:00:00
zdi
zdi
Microsoft Windows Font Object Buffer Overflow Privilege Escalation Vulnerability
2017-04-11 00:00:00
mskb
mskb
Security update for the Win32k information disclosure and escalation of privilege vulnerabilities in Windows Vista and Windows Server 2008: April 11, 2017
2017-04-11 07:00:00
April 11, 2017—KB4015546 (Security-only update)
2017-04-11 07:00:00
April 11, 2017—KB4015549 (Monthly Rollup)
2017-04-11 07:00:00
openvas
openvas
Microsoft Privilege Elevation And Information Disclosure Vulnerabilities (KB4015195)
2017-04-12 00:00:00
Microsoft Windows Monthly Rollup (KB4015549)
2017-04-12 00:00:00
nessus
nessus
KB4015195: Security Update for the Win32k Information Disclosure Vulnerability (April 2017)
2017-04-12 00:00:00
Windows 7 and Windows 2008 R2 April 2017 Security Updates (Petya)
2017-04-12 00:00:00
kaspersky
kaspersky
KLA11059 Multiple vulnerabilities in Microsoft Windows
2017-04-11 00:00:00
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
2017-04-11 00:00:00

0.328 Low

EPSS

Percentile

97.1%

JSON
Related for SMNTC-97471
cve1checkpoint_advisories1prion1nvd1mscve1cvelist1zdi1mskb3openvas2nessus2kaspersky2