Microsoft Windows Kernel Local Information Disclosure Vulnerability

Published on September 24th, 2019
Summary

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

Credit:

The information has been provided by Gil Dabah

The original article can be found at:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1071

 


Details

An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An authenticated attacker could exploit this vulnerability by running a specially crafted application.

Vulnerable Systems:

Microsoft Windows Server 2019 
Microsoft Windows Server 2016 
Microsoft Windows Server 2012 
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 1803 
Microsoft Windows Server 1709 
Microsoft Windows RT 8.1
Microsoft Windows 8.1 for x64-based Systems 
Microsoft Windows 8.1 for 32-bit Systems 
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 10 Version 1903 for x64-based Systems 

CVE Information:

CVE-2019-1071

Disclosure Timeline:
Published Date:07/16/2019

Categories: FeaturedNews
Tags:

Related Posts

News

Zoho ManageEngine OpManager before 12.4 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability

News

MiniShare 1.4.1 Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

News

NETGEAR JNR1010 devices before 1.0.0.32 Cross-Site Request Forgery (CSRF) Vulnerability