Published: 09/04/2019 Updated: 10/04/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the Microsoft Windows Win32k kernel-mode driver could allow a local malicious user to escalate privileges on a targeted system. The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit this vulnerability by accessing the system and executing an application that submits malicious input to the affected software. A successful exploit could allow the malicious user to execute arbitrary code in kernel mode and compromise the system completely. Microsoft confirmed the vulnerability and released software updates.

Github Repositories

CVE-2019-0859-1day-Exploit: CVE-2019-0859 1day Exploit. Target OS: Windows 7 x64 ServicePack1 (7601). Details will be updated soon.

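Project overview: information gathering, attack attempts to gain access, persistence, privilege escalation, network information gathering, lateral movement, data analysis (with further persistence built on top of this), and covering tracks. List of security-related resources: arxivorg Cornell University open documents; githubcom/sindresorhus/awesome awesome series; wwwowasporgcn/ow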

Recent Articles

Windows Zero-Day Emerges in Active Exploits
Threatpost • Tara Seals • 16 Apr 2019

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.
Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers sai...

New zero-day vulnerability CVE-2019-0859 in win32k.sys
Securelist • Vasily Berdnikov, Boris Larin, Anton Ivanov • 15 Apr 2019

In March 2019, our automatic Exploit Prevention (EP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys. It was the fifth consecutive exploited Local Privilege Escalation vulnerability in Windows that we have discovered in recent months using our technologies. The previous ones were:
On March 17, 2019 we reported our discovery to Microsoft; the company ...

Patched Windows Zero-Day Provided Full Control Over Vulnerable Systems
BleepingComputer • Sergiu Gatlan • 15 Apr 2019

A Windows zero-day vulnerability which got patched by Microsoft as part of the company's April 2019 Patch Tuesday together with 73 other flaws could allow potential attackers to take full control of vulnerable systems.
The 0-day was actively exploited before patching, with Kaspersky Lab's researchers Vasiliy Berdnikov and Boris Larin finding an exploit in the wild actively targeting multiple 64-bit versions of Windows, ranging from "Windows 7 to older builds of Windows 10."
This is...

Microsoft Patch Tuesday – April 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 10 Apr 2019

This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.

As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining ...

It's raining patches, Hallelujah! Microsoft and Adobe put out their latest major fixes
The Register • Shaun Nichols in San Francisco • 09 Apr 2019

Hefty patch Tuesday checks in at just under 100 CVEs

A pair of actively-targeted Windows flaws highlight this month's edition of Redmond's Patch Tuesday, the monthly moment when admins sigh and determine what to fix.
For Microsoft, the monthly flaw folder fixes for a total of 74 CVE-listed security bugs in Windows and Office. Of those, 33 are flaws which, if exploited, would allow the attacker to achieve remote code execution.
As usual, most of the remote code execution flaws were spotted in the browser and scripting engines. Those in...

Microsoft's April 2019 Patch Tuesday Fixes 74 Vulnerabilities
BleepingComputer • Lawrence Abrams • 09 Apr 2019

Today is Microsoft's April 2019 Patch Tuesday, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for two vulnerabilities that have been spotted being actively exploited in the wild.
With the release of the April 2019 security updates, Microsoft has released 2 advisories and updates for 74 vulnerabilities, with 15 being classified as Critical. These up...