CVE-2017-0077

Name of the Vulnerable Software and Affected Versions Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 versions 1511 through 1703 Windows Server 2016

Description The issue is related to insufficient access restrictions in kernel-mode drivers, allowing a local authenticated attacker to execute a specially crafted application. This can lead to information disclosure or, in Windows 7 and later, cause a denial of service. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the ability of an attacker to use a specially crafted application to obtain information or cause a denial of service.

Recommendations For Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Windows 7 SP1, consider applying security patches or updates to address the issue. For Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 versions 1511 through 1703, and Windows Server 2016, update to a version newer than the affected ones to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and system resources to minimize the risk of exploitation.