Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-8527: Win32k Graphics Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-8527: Win32k Graphics Remote Code Execution Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
06/13/2017
Created
07/25/2018
Added
06/13/2017
Modified
09/11/2024

Description

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Graphics Remote Code Execution Vulnerability".

Solution(s)

  • microsoft-windows-windows_10-1507-kb4022727
  • microsoft-windows-windows_10-1511-kb4022714
  • microsoft-windows-windows_10-1607-kb4022715
  • microsoft-windows-windows_10-1703-kb4022725
  • microsoft-windows-windows_server_2012-kb4022718
  • microsoft-windows-windows_server_2012_r2-kb4022717
  • microsoft-windows-windows_server_2016-1607-kb4022715
  • msft-kb3191837-3ea527de-fc3c-4f63-a482-057d859cf1f7
  • msft-kb3191844-441e569c-9a9a-4b82-902a-d613ffc59e1b
  • msft-kb3191844-90657686-a7e1-4e09-9bd2-10d279478578
  • msft-kb3191939-5ac0d1db-8b51-4cd6-ac78-e918e337c74d
  • msft-kb3191939-c5ee3045-f0d2-4b9f-b59a-8f1b85b1789d
  • msft-kb4022717-1d805e7c-215a-4c96-8b39-3829bd2e02d0
  • msft-kb4022717-6abad12a-fc3f-4352-81f7-453e305f13ed
  • msft-kb4022718-185fb91c-8006-4eeb-81f1-611113a80509
  • msft-kb4022718-5cc34e54-998c-4120-ba8a-d528309738f8
  • msft-kb4022722-0fff3ada-3205-441e-9f7f-f9e0198a32ce
  • msft-kb4022722-4182f860-3205-4b8d-bf9d-4b0b93f34adc
  • msft-kb4022722-61851a6d-1717-4861-801a-461e772cb312
  • msft-kb4022722-65224535-330e-42bd-8e35-824c878ec11a
  • msft-kb4022722-657cd92e-a4a3-4319-a954-52bedeef4cfc
  • msft-kb4022722-e181eaef-054e-4b52-a00f-503b91461f68
  • msft-kb4022884-2c816140-0ae2-4183-977f-d9838ecdb5e0
  • msft-kb4022884-7bf3327f-6d21-41f4-9c44-4f1b49489b7d
  • msft-kb4022884-d8e5bd1f-599e-49b7-9a05-ac81340539a2
  • msft-kb4022884-fe033275-cba9-4346-9527-a17c52a296f5
  • msft-kb4023307-96d2119c-c85d-4490-b58c-927d2ebe297c

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;