CVE-2017-8466

Name of the Vulnerable Software and Affected Versions Windows Cursor versions in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016

Description The issue is related to insufficient access restrictions in the Windows Cursor component, allowing a local attacker to potentially elevate their privileges. This can lead to improper elevation of privilege, enabling an attacker to affect the system.

Recommendations For Windows 8.1, consider restricting access to the Windows Cursor component until a patch is available. For Windows Server 2012 Gold and R2, restrict the use of the Windows Cursor to minimize the risk of exploitation. For Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016, avoid using the NtUserLinkDpiCursor function in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.