First published: Tue Dec 20 2016(Updated: )
The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Windows 10 | ||
Windows 10 | =1511 | |
Windows 10 | =1607 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows | ||
Microsoft Windows RT | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Vista | =sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-7259 is classified as a privilege escalation vulnerability, allowing local users to gain administrative privileges.
To mitigate CVE-2016-7259, ensure that your affected Microsoft Windows systems have the latest security updates installed.
CVE-2016-7259 affects various versions of Microsoft Windows, including Windows Vista, 7, 8.1, 10, and their corresponding Server editions.
CVE-2016-7259 can be exploited through local user access to execute malicious code that escalates privileges.
While the most effective solution is updating your systems, restricting user access and minimizing local user permissions can serve as a temporary workaround for CVE-2016-7259.