Win32k Elevation of Privilege Vulnerability in Microsoft Windows OS

Reference: CERT.be Advisory #2018-016 Version: 1.0
Affected software:
CVE-2018-8120
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for Itanium-Based Systems Service Pack 2
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
CVE-2018-8124 :
- All Microsoft OS since Windows 7
- All Microsoft Server OS since Windows 2008
Type: Win32k Elevation of Privilege Vulnerability
CVSS Score: 7 for both

Sources

https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/

Risks

CVE-2018-8120 : Win32K elevation of privilege, exploited into the wild.
CVE-2018-8124 : Win32K elevation of privilege, not known to be exploited yet.

Summary

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft has released patches to address these vulnerabilities.

Recommended actions

CERT.be recommends you to patch your systems:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...