PALETTE – Computer Security Articles

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

March 27, 2017 admin Advanced persistent threats, Antimalware research for IT pros and enthusiasts, Coreinfo, Creators Update, CVE-2017-005, Device Guard, EoP, PALETTE, Product features and announcements, SMEP, virtualization-based security, Windows 10, Windows 10 Creators Update, Windows Defender Advanced Threat Protection, Windows Defender ATP, zero-day exploits, ZIRCONIUM

Credit to Author: msft-mmpc| Date: Mon, 27 Mar 2017 15:00:01 +0000

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit targeted older versions of Windows and allowed attackers to elevate process privileges on these platforms. In this article, we…