# （CVE-2019-1458）Win32k本地提权漏洞.md

#### 描述

CVE-2019-1458是Win32k中的特权提升漏洞，Win32k组件无法正确处理内存中的对象时，导致Windows中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以在内核模式下运行任意代码。然后攻击者可能会安装程序、查看、更改或删除数据；或创建具有完全用户权限的新帐户。

#### 影响版本

```
Microsoft Windows 10 Version 1607 for 32-bit Systems
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 10 for 32-bit Systems
Microsoft Windows 10 for x64-based Systems
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 8.1 for 32-bit Systems
Microsoft Windows 8.1 for x64-based Systems
Microsoft Windows RT 8.1
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
```

#### 修复补丁

```
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458
```

#### 利用方式

编译环境

- VS2019（V120）X64 Release

编译好的文件

```
cve-2019-1458.exe
```

然后直接上GIF图

[![11](resource/%EF%BC%88CVE-2019-1458%EF%BC%89Win32k%E6%9C%AC%E5%9C%B0%E6%8F%90%E6%9D%83/media/3.gif)](https://github.com/Ascotbe/Random-img/blob/master/WindowsKernelExploits/3.gif?raw=true)



> https://github.com/Ascotbe/Kernelhub/tree/master/CVE-2019-1458