Kaspersky Threats

Description

Multiple serious vulnerabilities have been found in Microsoft Windows . Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service and possibly to bypass security restrictions.

Below is a complete list of vulnerabilities:

An incorrect applying of network isolation settings in Active Directory can be exploited remotely via a specially designed application to bypass security restrictions;
Multiple improper memory address initialization vulnerabilities in Windows Kernel can be exploited locally via a specially designed application to obtain sensitive information;
An improper HTTP 2.0 requests parsing in HTTP.sys can be exploited remotely via a specially designed request to cause denial of service;
Multiple improper input validation vulnerabilities in Windows Hyper-V can be exploited locally via a specially designed application to obtain sensitive information;
An incorrect handling of objects in memory in Windows Kernel can be exploited locally via a specially designed application to gain privileges;
An incorrect untrusted files validation in Device Guard can be exploited locally via a specially designed application to bypass security restrictions;
An improper handling of malformed SNMP traps in Windows SNMP can be exploited remotely via unknown vectors to cause denial of service and possibly to gain privileges;
An incorrect requests handling in Remote Desktop Protocol (RDP) can be exploited remotely via a specially crafted requests to cause denial of service;
Memory corruption vulnerability in Microsoft Malware Protection Engine can be exploited locally via a specially designed application to execute arbitrary code;
Buffer overflow vulnerability in Microsoft JET Database Engine can be exploited remotely via a specially designed Excel file to execute arbitrary code;
An incorrect handling of objects in memory in VBScript engine can be exploited remotely via a specially crafted website to execute arbitrary code and possible to gain privileges;
An improper handling of objects in memory in Windows Adobe Type Manager Font Driver can be exploited locally via a specially crafted application to gain privileges;
An incorrect kernel memory mapping in DirectX Graphics Kernel Subsystem can be exploited locally via a specially designed application to gain privileges;
Multiple vulnerabilities in Windows font library can be exploited locally via a specially designed document file or remotely via a specially designed website to execute arbitrary code.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVE list

CVE-2018-0887
high
CVE-2018-0890
high
CVE-2018-0956
critical
CVE-2018-0957
high
CVE-2018-0960
high
CVE-2018-0963
critical
CVE-2018-0964
high
CVE-2018-0966
warning
CVE-2018-0967
high
CVE-2018-0968
high
CVE-2018-0969
high
CVE-2018-0970
high
CVE-2018-0971
high
CVE-2018-0972
high
CVE-2018-0973
high
CVE-2018-0974
high
CVE-2018-0975
high
CVE-2018-0976
high
CVE-2018-1003
critical
CVE-2018-1004
critical
CVE-2018-1008
high
CVE-2018-1009
critical
CVE-2018-1010
critical
CVE-2018-1012
critical
CVE-2018-1013
critical
CVE-2018-1015
critical
CVE-2018-1016
critical
CVE-2018-8116
high

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Multiple vulnerabilities in Microsoft Windows