Microsoft Windows Win32k Privilege Escalation Vulnerability

Microsoft Windows is prone to local privilege-escalation vulnerability. CVE-2019-0859 has been assigned to track this vulnerability.
This privilege escalation vulnerability is being exploited in the wild.

Vulnerability Details:

The vulnerability exists when the Win32k component fails to properly handle objects in memory. An attacker can exploit this issue to execute arbitrary code in kernel mode, can install programs and create new accounts with full user rights. Failed exploit attempts may result in a denial of service condition.
To exploit this vulnerability, an attacker would first have to log on to the system with any low privilege account. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Mitigation:

Microsoft has addressed this issue via an out of band advisory CVE-2019-0859.
Qualys has released QID 91522 (Microsoft Windows Security Update for April 2019) to detect the vulnerable machines.

Please continue to follow on Qualys Threat Protection for more coverage on vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *