CVE-2017-0101

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions Vista SP2 through 10 1607 Microsoft Windows Server versions 2008 SP2 through 2016

Description The issue is related to a buffer overflow in the kernel-mode drivers of the Transaction Manager in Microsoft Windows, allowing local users to gain privileges via a crafted application. This can enable an attacker to elevate their privileges.

Recommendations For Microsoft Windows versions Vista SP2 through 10 1607, consider restricting access to the Transaction Manager until a patch is available. For Microsoft Windows Server versions 2008 SP2 through 2016, avoid using crafted applications that could exploit the vulnerability in the kernel-mode drivers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.