RULE(RULE ID:333578)

Rule General Information
Release Date: 2021-02-18
Rule Name: Windows Win32k Elevation of Privilege Vulnerability (CVE-2021-1732)
Severity:
CVE ID:
Rule Protection Details
Description: Microsoft Microsof Windows Win32k is an operating system of Microsoft Corporation. Provide a multi-tasking graphical user interface. There is a security feature vulnerability in Windows Win32k. The following products and versions are affected: Windows 10 Version 1803 for 32-bit Systems,Windows 10 Version 1803 for x64-based Systems,Windows 10 Version 1803 for ARM64-based Systems,Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 1909 for 32-bit Systems,Windows 10 Version 1909 for x64-based Systems, Windows 10 Version 1909 for ARM64-based Systems,Windows Server, version 1909 (Server Core installation),Windows 10 Version 2004 for 32-bit Systems,Windows 10 Version 2004 for ARM64-based Systems,Windows 10 Version 2004 for x64-based Systems ,Windows Server, version 2004 (Server Core installation),Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation).
Impact: An attacker can abtain more privileges which he is not entitled to by exloiting the vulnerability, such as executing arbitrary code, deleting files, viewing sensitive information, changing configurations.
Affected OS: Windows
Reference: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732
http://packetstormsecurity.com/files/161880/Win32k-ConsoleControl-Offset-Confusion.html
Solutions
The vendors have released upgrade patches to fix vulnerabilities, please visit:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1732