Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2017-8465.
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_10 | Microsoft | - (including) | - (including) |
Windows_10 | Microsoft | 1511 (including) | 1511 (including) |
Windows_10 | Microsoft | 1607 (including) | 1607 (including) |
Windows_10 | Microsoft | 1703 (including) | 1703 (including) |
Windows_8.1 | Microsoft | * | * |
Windows_8.1 | Microsoft | rt (including) | rt (including) |
Windows_server_2012 | Microsoft | r2 (including) | r2 (including) |
Windows_server_2016 | Microsoft | - (including) | - (including) |