# （CVE-2018-8453）Windows 本地提权漏洞.md

#### 描述

Microsoft Windows中存在提权漏洞，该漏洞源于Win32k组件没有正确的处理内存对象。本地攻击者可通过登录系统并运行特制的应用程序，利用该漏洞在内核模式下以提升的权限执行代码。

#### 影响版本

| Product             | Version | Update | Edition | Tested |
| ------------------- | ------- | ------ | ------- | ------ |
| Windows 10          | -       |        |         |        |
| Windows 10          | 1607    |        |         |        |
| Windows 10          | 1703    |        |         |        |
| Windows 10          | 1709    |        |         | ✔️      |
| Windows 10          | 1803    |        |         |        |
| Windows 10          | 1809    |        |         |        |
| Windows 7           | -       | SP1    |         |        |
| Windows 8.1         |         |        |         |        |
| Windows Rt 8.1      | -       |        |         |        |
| Windows Server 2008 | -       | SP2    |         |        |
| Windows Server 2008 | R2      | SP1    |         |        |
| Windows Server 2012 | -       |        |         |        |
| Windows Server 2012 | R2      |        |         |        |
| Windows Server 2016 | -       |        |         |        |
| Windows Server 2016 | 1709    |        |         |        |
| Windows Server 2016 | 1803    |        |         |        |
| Windows Server 2019 | -       |        |         |        |

#### 修复补丁

```
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8453
```

#### 利用方式

编译环境

- VS2019 （V140）X64 Release

测试系统Windows 10 1709 x64

[![CVE-2018-8453](resource/%EF%BC%88CVE-2018-8453%EF%BC%89Windows%20%E6%9C%AC%E5%9C%B0%E6%8F%90%E6%9D%83%E6%BC%8F%E6%B4%9E/media/CVE-2018-8453_win10_1709_x64.gif)](https://github.com/Ascotbe/Random-img/raw/master/WindowsKernelExploits/CVE-2018-8453_win10_1709_x64.gif?raw=true)

#### 项目来源

- [ze0r](https://github.com/ze0r/cve-2018-8453-exp)

> https://github.com/Ascotbe/Kernelhub/tree/master/CVE-2018-8453