CVE-2017-8552
Last modified
CVE-2017-8552 is a vulnerability of currently unknown severity. A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE is unique from CVE-2017-0263.. EPSS estimates a 1.00% chance of exploitation in the next 30 days.
Description
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE is unique from CVE-2017-0263.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Windows 7 | All versions | Sp1 |
| Microsoft | Windows Server 2008 | All versions | Sp2 |
| Microsoft | Windows Server 2008 | r2 | Sp1 |
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8552Patch, Vendor Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8552Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-8552?
How severe is CVE-2017-8552?
How do I fix CVE-2017-8552?
Are you affected by CVE-2017-8552?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST