First published: Fri Mar 17 2017(Updated: )
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 7 | =sp1 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Vista | =sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-0103 is classified as a medium severity vulnerability due to its potential for privilege escalation.
To fix CVE-2017-0103, ensure that your system is updated with the latest security patches from Microsoft.
CVE-2017-0103 affects local users on Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2012.
CVE-2017-0103 is an elevation of privilege vulnerability related to improper handling of registry objects in memory.
CVE-2017-0103 requires local access to the system for exploitation, making it less of a risk than remote vulnerabilities.