Vulnerabilities > Improper Preservation of Permissions

DATE CVE VULNERABILITY TITLE RISK
2017-07-11 CVE-2017-8561 Improper Preservation of Permissions vulnerability in Microsoft products
Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability".
local
high complexity
microsoft CWE-281
7.0
2017-07-11 CVE-2017-8556 Improper Preservation of Permissions vulnerability in Microsoft products
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability".
local
high complexity
microsoft CWE-281
7.0
2017-07-11 CVE-2017-8467 Improper Preservation of Permissions vulnerability in Microsoft products
Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
high complexity
microsoft CWE-281
7.0
2017-06-29 CVE-2017-8579 Improper Preservation of Permissions vulnerability in Microsoft Windows 10 and Windows Server 2016
The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "DirectX Elevation of Privilege Vulnerability."
local
high complexity
microsoft CWE-281
7.0
2017-06-15 CVE-2017-8552 Improper Preservation of Permissions vulnerability in Microsoft Windows 7 and Windows Server 2008
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
low complexity
microsoft CWE-281
7.8
2017-06-15 CVE-2017-8543 Improper Preservation of Permissions vulnerability in Microsoft products
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
network
low complexity
microsoft CWE-281
critical
9.8
2017-06-15 CVE-2017-8494 Improper Preservation of Permissions vulnerability in Microsoft Windows 10 and Windows Server 2016
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
local
low complexity
microsoft CWE-281
7.3
2017-06-15 CVE-2017-8468 Improper Preservation of Permissions vulnerability in Microsoft products
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8465.
local
low complexity
microsoft CWE-281
7.8
2017-06-15 CVE-2017-8466 Improper Preservation of Permissions vulnerability in Microsoft products
Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".
local
low complexity
microsoft CWE-281
7.8
2017-06-15 CVE-2017-8465 Improper Preservation of Permissions vulnerability in Microsoft products
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8468.
local
low complexity
microsoft CWE-281
7.8