Win32k Elevation of Privilege Vulnerability - CVE-2017-0246ID: oval:org.secpod.oval:def:40439 | Date: (C)2017-05-10 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
An elevation of privilege vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. On systems with Windows 7 for x64-based Systems or later installed, this vulnerability can lead to denial of service. To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel-mode driver handles objects in memory and by helping to prevent unintended elevation of privilege from user mode.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |