CVE-2017-8562

EUVD-2017-17512
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_8.1
*
microsoftwindows_rt_8.1
*
microsoftwindows_server_2012
-
microsoftwindows_server_2016
*
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4025338
1511 (x64, x86)
KB4025344
1607 (x64, x86)
KB4025339
1703 (x64, x86)
KB4025342
Windows 8.1
(x64, x86)
KB4025336
Windows RT 8.1
All
KB4025336
Windows Server 2012
Server Core
KB4025343
Standard
KB4025343
Windows Server 2012 R2
Server Core
KB4025336
Standard
KB4025336
Windows Server 2016
Server Core
KB4025339
Standard
KB4025339
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/99397
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8562
http://www.securityfocus.com/bid/99397
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8562