First published: Wed Apr 12 2017(Updated: )
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1511 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT | ||
Microsoft Windows Server 2008 Itanium | =sp2 | |
Microsoft Windows Server 2008 Itanium | =r2-sp1 | |
Microsoft Windows Server 2012 x64 | ||
Microsoft Windows Server 2012 x64 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Vista | =sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-0058 has a critical severity rating due to the potential for information disclosure that can lead to further system compromise.
To fix CVE-2017-0058, apply the relevant security updates provided by Microsoft for your affected Windows version.
CVE-2017-0058 affects various versions of Microsoft Windows, including Windows 7, 8.1, Windows 10, and Windows Server versions.
CVE-2017-0058 is an information disclosure vulnerability in the Win32k component of Microsoft Windows.
Yes, CVE-2017-0058 can potentially be exploited by an attacker to gain sensitive information remotely.