Microsoft Windows Kernel Local Information Disclosure Vulnerability

Summary

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

Credit:

The information has been provided by Gil Dabah

The original article can be found at:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1071

 


Details

An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An authenticated attacker could exploit this vulnerability by running a specially crafted application.

Vulnerable Systems:

Microsoft Windows Server 2019 
Microsoft Windows Server 2016 
Microsoft Windows Server 2012 
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 1803 
Microsoft Windows Server 1709 
Microsoft Windows RT 8.1
Microsoft Windows 8.1 for x64-based Systems 
Microsoft Windows 8.1 for 32-bit Systems 
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 10 Version 1903 for x64-based Systems 

CVE Information:

CVE-2019-1071

Disclosure Timeline:
Published Date:07/16/2019