7.2
CVSSv2

CVE-2019-0859

Published: 09/04/2019 Updated: 10/04/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 703
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the Microsoft Windows Win32k kernel-mode driver could allow a local malicious user to escalate privileges on a targeted system.The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit this vulnerability by accessing the system and executing an application that submits malicious input to the affected software. A successful exploit could allow the malicious user to execute arbitrary code in kernel mode and compromise the system completely.Microsoft confirmed the vulnerability and released software updates.

Vulnerability Trend

Recent Articles

Windows Zero-Day Emerges in Active Exploits
Threatpost • Tara Seals • 16 Apr 2019

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.
Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers sai...

New zero-day vulnerability CVE-2019-0859 in win32k.sys
Securelist • Vasily Berdnikov Boris Larin Anton Ivanov • 15 Apr 2019

In March 2019, our automatic Exploit Prevention (EP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys. It was the fifth consecutive exploited Local Privilege Escalation vulnerability in Windows that we have discovered in recent months using our technologies. The previous ones were:
On March 17, 2019 we reported our discovery to Microsoft; the company ...

Microsoft Patch Tuesday – April 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 10 Apr 2019

This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.

Posted: 10 Apr, 201927 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – April 2019This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining ...

It's raining patches, Hallelujah! Microsoft and Adobe put out their latest major fixes
The Register • Shaun Nichols in San Francisco • 09 Apr 2019

Hefty patch Tuesday checks in at just under 100 CVEs

A pair of actively-targeted Windows flaws highlight this month's edition of Redmond's Patch Tuesday, the monthly moment when admins sigh and determine what to fix..
For Microsoft, the monthly flaw folder fixes for a total of 74 CVE-listed security bugs in Windows and Office. Of those, 33 are flaws which, if exploited, would allow the attacker to achieve remote code execution.
As usual, most of the remote code execution flaws were spotted in the browser and scripting engines. Those in...