High severity7.8NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026
CVE-2017-0189
CVE-2017-0189
Description
An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0188.
Affected products
7cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0189nvdPatchVendor Advisory
- www.securityfocus.com/bid/97420nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038239nvd
News mentions
0No linked articles in our index yet.