CVE-2023-36802

Name of the Vulnerable Software and Affected Versions Microsoft Streaming Service Proxy versions prior to the fixed version

Description The issue is related to an elevation-of-privilege vulnerability in the Microsoft Streaming Service Proxy, which allows attackers to gain system-level rights. This vulnerability is associated with a buffer overflow in memory. The estimated number of potentially affected devices is not specified. There have been reports of real-world incidents where this issue was exploited, including limited exploitation in the wild. Technical details about exploitation include the involvement of the MSKSSRV.SYS driver.

Recommendations For versions prior to the fixed version, apply the patch issued on September 12, 2023, to resolve the issue. As a temporary workaround, consider restricting access to the MSKSSRV.SYS driver until a patch is applied. Avoid using the vulnerable Microsoft Streaming Service Proxy until the issue is resolved.