Use After Free (CWE-416)
Windows Win32k Elevation of Privilege Vulnerability. This is a Use After Free vulnerability affecting various versions of Windows, including Windows Server 2016, Windows 10 (versions 22H2, 21H2, 1607, 1809, 1507), Windows 11 (versions 21H2, 22H2, 23H2), Windows Server 2008, Windows Server 2012, and Windows Server 2019. The vulnerability has a CVSS v3.1 base score of 7.8, indicating a high severity. It requires local access and low privileges to exploit, with no user interaction needed.
If exploited, this vulnerability could allow an attacker to gain elevated privileges on the affected system. The impact is severe, with high potential for compromise of confidentiality, integrity, and availability of the system. An attacker who successfully exploits this vulnerability could potentially execute arbitrary code with elevated privileges, install programs, view, change, or delete data, or create new accounts with full user rights.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation in the wild at the moment.
A patch is available for this vulnerability. Microsoft has released security updates to address this issue. The patch was added on July 9, 2024, and is available through the Microsoft Update Guide.
To mitigate this vulnerability, it is strongly recommended to apply the security updates provided by Microsoft as soon as possible. Prioritize patching for systems running the affected Windows versions, especially those in sensitive or critical environments. Additionally, implement the principle of least privilege, limiting user account permissions where possible to minimize the potential impact of exploitation. Regular system updates and security best practices should be maintained to protect against this and other vulnerabilities.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 7.8 has been assigned.
NVD published the first details for CVE-2024-38066
Feedly found the first article mentioning CVE-2024-38066.
Feedly estimated the CVSS score as MEDIUM
CVE-2024-38066 is a critical EoP vulnerability in Windows Win32k with a CVSSv3 score of 7.8. It is rated as "Exploitation More Likely" by Microsoft, indicating a higher risk of exploitation in the wild. While there are no known proof-of-concept exploits, users are advised to apply patches provided by Microsoft to mitigate the risk of privilege escalation.
EPSS Score was set to: 0.04% (Percentile: 9.2%)
This CVE started to trend in security discussions
This CVE stopped trending in security discussions