Elevation of Privilege Vulnerability in Win32k Exploited in the Wild (CVE-2023-29336)
Description: Microsoft CVE-2023-29336 - Win32k Elevation of Privilege Vulnerability
CVE ID: CVE-2023-29336
Threat/Vulnerability: Elevation of Privilege
#What is Win32k?
Win32k is a system component in Microsoft Windows OS that controls graphic and UI functions at the kernel level.
Win32k is responsible for rendering fonts, icons, buttons, and other graphical elements in Windows.
It is integral to the OS and any issues affecting Win32k may cause system instability or crashes.
#What is the Attack?
An Elevation of Privilege (EoP) vulnerability exists in Win32K kernel that allows an attacker to obtain SYSTEM privileges.
The issue has been assigned CVE-2023-29336. No further details are available from Microsoft.
The vulnerability has a CVSS base score of 7.8 and is rated HIGH.
#Why is this Significant?
This is significant because attackers have reportedly started to exploit CVE-2023-29336 in real-time attacks.
CISA added the vulnerability to the Known Exploited Vulnerabilities (KEV) catalog on May 9th, 2023. As such, patches should be applied as soon as possible.
#What is the Vendor Solution?
Microsoft issued a patch for this on May 9th, 2023.
Method 1: Windows Update
This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.
Method 2: Microsoft Update Catalog
To get the stand-alone package for this update, go to the Microsoft Update Catalog website: catalog.update....
References:
msrc.microsoft...
www.cisa.gov/k...
www.fortiguard...
PoC: github.com/num...