Vulnerability Description
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 | All versions |
| Microsoft | Windows 8.1 | All versions |
| Microsoft | Windows Rt 8.1 | All versions |
| Microsoft | Windows Server 2012 | r2 |
References
- http://www.securityfocus.com/bid/97467Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038239
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165PatchVendor Advisory
- https://www.exploit-db.com/exploits/41901/
- http://www.securityfocus.com/bid/97467Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038239
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0165PatchVendor Advisory
- https://www.exploit-db.com/exploits/41901/
FAQ
What is CVE-2017-0165?
CVE-2017-0165 is a vulnerability with a CVSS score of 7.8 (HIGH). An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles...
How severe is CVE-2017-0165?
CVE-2017-0165 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-0165?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows 8.1, Microsoft Windows Rt 8.1, Microsoft Windows Server 2012.