Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft windows server 2008 r2 |
||
microsoft windows server 2012 r2 |
||
microsoft windows 10 1607 |
||
microsoft windows 8.1 - |
||
microsoft windows server 2016 - |
||
microsoft windows server 2008 - |
||
microsoft windows 7 - |
||
microsoft windows rt 8.1 - |
||
microsoft windows server 2012 - |
||
microsoft windows 10 - |
||
microsoft windows server 2019 - |
||
microsoft windows 10 1809 |
||
microsoft windows 10 20h2 |
||
microsoft windows 10 21h1 |
||
microsoft windows server 2022 - |
||
microsoft windows 11 - |
||
microsoft windows 10 21h2 |
||
microsoft windows 11 22h2 |
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is the ability of a normal user account to replace the original C:\ drive with a fake one by placing a symlink for the system drives in the device map ...
Vulmon