HTTP: Microsoft Windows CVE-2017-0165 Privilege Elevation

This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A successful attack can lead to Privilege Elevation.

Extended Description

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."

Affected Products

Microsoft windows_8.1

References

CVE: CVE-2017-0165

Short Name
HTTP:STC:DL:CVE-2017-0165-PE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-0165 Elevation Microsoft Privilege Windows
Release Date
04/06/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

7.2

Found a potential security threat?