CVE-2017-8467

Name of the Vulnerable Software and Affected Versions Microsoft Windows 7 SP1 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 8.1 and Windows RT 8.1 Microsoft Windows Server 2012 and R2 Microsoft Windows 10 versions Gold, 1511, 1607, 1703 Microsoft Windows Server 2016

Description The issue is related to the handling of objects in memory by Graphics in Microsoft Windows, allowing an elevation of privilege. This could potentially be exploited through an untrusted pointer dereference, such as the fnHKINLPRECT function. An elevation-of-privilege vulnerability exists, allowing attackers to affect the system.

Recommendations For Microsoft Windows 7 SP1, apply the relevant patch to fix the elevation of privilege vulnerability. For Microsoft Windows Server 2008 SP2 and R2 SP1, apply the relevant patch to fix the elevation of privilege vulnerability. For Microsoft Windows 8.1 and Windows RT 8.1, apply the relevant patch to fix the elevation of privilege vulnerability. For Microsoft Windows Server 2012 and R2, apply the relevant patch to fix the elevation of privilege vulnerability. For Microsoft Windows 10 versions Gold, 1511, 1607, 1703, apply the relevant patch to fix the elevation of privilege vulnerability. For Microsoft Windows Server 2016, apply the relevant patch to fix the elevation of privilege vulnerability. As a temporary workaround, consider restricting access to the fnHKINLPRECT function until a patch is available.