CVE-2017-0263

CVE-2017-0263

描述

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

影响版本

Product	CPU Architecture	Version	Update	Tested
Windows 7	x86/x64		SP1
Windows Rt
Windows 8.1	x86/x64
Windows 10	x86/x64
Windows 10	x86/x64	1511
Windows 10	x86/x64	1607
Windows 10	x86/x64	1703
Windows Server 2008	x86/x64		SP2
Windows Server 2008	x86/x64	R2	SP1
Windows Server 2012		R2
Windows Server 2012
Windows Server 2016

修复补丁

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263

利用方式

该漏洞并未进行测试，根目录留存着网络收集**[CVE编号].zip**的EXP或者POC，代码状态未知

项目来源

• https://www.exploit-db.com/exploits/44478

分析文章

• https://www.anquanke.com/post/id/102377
• https://www.anquanke.com/post/id/102378
• https://xz.aliyun.com/t/9287
• https://50u1w4y.github.io/site/recurrence/CVE-2017-0263