这个漏洞属于未正确处理窗口类成员对象导致的Double-free类型本地权限提升漏洞
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 10 | x86/x64 | |||
| Windows 10 | x86/x64 | 1607 | ||
| Windows 10 | x86/x64 | 1703 | ||
| Windows 10 | x86/x64/ARM64 | 1709 | ||
| Windows 10 | x86/x64/ARM64 | 1803 | ||
| Windows 10 | x86/x64/ARM64 | 1809 | ||
| Windows 7 | x86/x64 | SP1 | ||
| Windows 8.1 | x86/x64 | |||
| Windows Rt 8.1 | ||||
| Windows Server 2008 | x86/x64 | SP2 | ||
| Windows Server 2008 | x86/x64 | R2 | SP1 | |
| Windows Server 2012 | ||||
| Windows Server 2012 | R2 | |||
| Windows Server 2016 | ||||
| Windows Server 2019 | ||||
| Windows Server | 1803 | |||
| Windows Server | 1709 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8639
编译环境
- VS2019(V140)X64 Release
在Windows 2008 R2 SP1 X64上测试通过的EXP,直接上GIF图
编译环境
-
VS2019(V120)X64 Debug,需要安装如下包作为支撑
https://www.microsoft.com/zh-cn/download/confirmation.aspx?id=40770
Windows 7 SP1 X64测试通过的EXP,上GIF图
