CVE-2017-8633

Name of the Vulnerable Software and Affected Versions Windows Error Reporting (WER) versions prior to the fixed version Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 versions prior to the fixed version, including Gold, 1511, 1607, 1703 Windows Server 2016

Description The issue allows an elevation of privilege, enabling attackers to affect the system. This is due to improper access control in the Windows Error Reporting Manager.

Recommendations For Windows Server 2008 SP2 and R2 SP1, update to a version that includes the fix for this issue. For Windows 7 SP1, apply the recommended configuration changes to restrict access to the Windows Error Reporting feature. For Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, consider disabling the Windows Error Reporting service until a patch is available. For Windows 10 versions prior to the fixed version, including Gold, 1511, 1607, 1703, and Windows Server 2016, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Windows Error Reporting Manager to minimize the risk of exploitation.