Vulnerability Protection

Vulnerabilities in Windows Kernel Could Allow Escalation of Privilege

Details

Report ID:

MS20170312

Date Published:

15 March 2017

Date Revised:

Criticality:

Important

Compromise Type:

Escalation of privilege

Compromise From:

Local system

Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT 8.1
Windows 10
Windows Server 2016

Summary

Four vulnerabilities discovered in the Windows kernel could each be exploited into allowing an attacker to gain escalated privilege on an affected system. 

Detailed Description

Microsoft has released a security update to address four reported vulnerabilities in the Windows kernel. Each of them could allow an attacker to gain escalated privilege on an affected system. The vulnerabilities were caused by various factors, which include an error in permissions enforcement, improper handling of objects in memory, failure to check the length of a buffer prior to copying memory, and improper handling of registry objects in memory. All of these issues have been rectified in the latest security update by implementing corrective modifications on applicable components. 

CVE Reference

CVE-2017-0050, CVE-2017-0101, CVE-2017-0102, CVE-2017-0103

Solution

Install the latest security patch for applicable system, available for download from https://technet.microsoft.com/en-us/library/security/MS17-017

Source

Microsoft Security Bulletin MS17-017