Vulnerability Protection

Vulnerabilities in Windows Kernel-Mode Driver Could Allow Escalation of Privilege


Report ID:


Date Published:

15 March 2017

Date Revised:



Compromise Type:

Escalation of privilege

Compromise From:

Local system

Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT 8.1
Windows 10
Windows Server 2016


Eight vulnerabilities discovered in the Windows kernel-mode  could allow an attacker to gain escalated privilege on an affected system, if successfully exploited. 

Detailed Description

Microsoft has issued a security update to address eight escalation of privilege vulnerabilities found in the Windows kernel-mode driver. The vulnerabilities were caused by improper handling of objects in memory, and each could be exploited into allowing an attacker to execute code in kernel mode. To successfully exploit these vulberabilities, the attacker must first log on to the system and then run a specially crafted application. These issues have all been fixed in the latets security update which introduced correction in the way that objects in memory are handled. 

CVE Reference

CVE-2017-0024, CVE-2017-0026, CVE-2017-0056, CVE-2017-0078, CVE-2017-0079, CVE-2017-0080, CVE-2017-0081, CVE-2017-0082


Install the latest security patch for applicable system, available for download from


Microsoft Security Bulletin MS17-018