Microsoft Windows Kernel Local Privilege Escalation Vulnerability

Summary

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory.

Credit:

The information has been provided by Vendor

The original article can be found at:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1067

 


Details

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.

Vulnerable Systems:

Microsoft Windows Server 2019 
Microsoft Windows Server 1903 
Microsoft Windows Server 1803 
Microsoft Windows Server 2016
Microsoft Windows 10

CVE Information:

CVE-2019-1067

Disclosure Timeline:
Published Date:07/16/2019