|CVSS SCORE||7.2, (AV:L/AC:L/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the handling of bitmap objects. By performing a certain sequence of calls to win32k.sys, an attacker can cause the kernel to make use of a null pointer. An attacker can leverage this vulnerability to escalate privilege to SYSTEM.
Microsoft has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||bee13oy of CloverSec Labs