CVE-2017-0263
Microsoft Win32k Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
YesDecision
Descriptions
The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
Los controladores del modo kernel en Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows versión 8.1, Windows Server 2012 versión Gold y R2, Windows RT versión 8.1, Windows 10 versión Gold, 1511, 1607, 1703 y Windows Server 2016 de Microsoft, permiten a los usuarios locales alcanzar privilegios por medio de una aplicación diseñada, también se conoce como "Win32k Elevation of Privilege Vulnerability"
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-09-09 CVE Reserved
- 2017-05-12 CVE Published
- 2022-02-10 Exploited in Wild
- 2022-08-10 KEV Due Date
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-10-22 EPSS Updated
CWE
- CWE-416: Use After Free
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98258 | Broken Link | |
| http://www.securitytracker.com/id/1038449 | Broken Link |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/44478 | 2024-08-05 | |
| https://xiaodaozhi.com/exploit/117.html | 2024-08-05 |
| URL | Date | SRC |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263 | 2024-07-24 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows 10 1507 Search vendor "Microsoft" for product "Windows 10 1507" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 1511 Search vendor "Microsoft" for product "Windows 10 1511" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 1607 Search vendor "Microsoft" for product "Windows 10 1607" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 1703 Search vendor "Microsoft" for product "Windows 10 1703" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 8.1 Search vendor "Microsoft" for product "Windows 8.1" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Rt 8.1 Search vendor "Microsoft" for product "Windows Rt 8.1" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | r2 Search vendor "Microsoft" for product "Windows Server 2008" and version "r2" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012" | r2 Search vendor "Microsoft" for product "Windows Server 2012" and version "r2" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2016 Search vendor "Microsoft" for product "Windows Server 2016" | - | - |
Affected
| ||||||