Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Diagnostic Hub Standard Collector can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows Shell can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft COM for Windows can be exploited remotely via specially crafted file to execute arbitrary code.
- A security feature bypass vulnerability in ADFS can be exploited remotely via specially crafted authentication to bypass security restrictions.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
- A security feature bypass vulnerability in Device Guard Code Integrity Policy can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows NDIS can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows PDF can be exploited remotely via specially crafted website to execute arbitrary code.
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Microsoft Cortana can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
Original advisories
- CVE-2018-8399
- CVE-2018-8401
- CVE-2018-8200
- CVE-2018-0952
- CVE-2018-8400
- CVE-2018-8398
- CVE-2018-8404
- CVE-2018-8344
- CVE-2018-8348
- CVE-2018-8339
- CVE-2018-8394
- CVE-2018-8345
- CVE-2018-8253
- CVE-2018-8341
- CVE-2018-8349
- CVE-2018-8350
- CVE-2018-8340
- CVE-2018-8204
- CVE-2018-8414
- CVE-2018-8347
- CVE-2018-8405
- CVE-2018-8406
- ADV180018
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Visual-Studio
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
CVE list
- CVE-2018-0952 critical
- CVE-2018-8405 critical
- CVE-2018-8414 critical
- CVE-2018-8345 critical
- CVE-2018-8349 critical
- CVE-2018-8401 critical
- CVE-2018-8340 high
- CVE-2018-8398 high
- CVE-2018-8204 high
- CVE-2018-8406 critical
- CVE-2018-8348 warning
- CVE-2018-8347 critical
- CVE-2018-8339 high
- CVE-2018-8343 critical
- CVE-2018-8400 critical
- CVE-2018-8394 high
- CVE-2018-8350 critical
- CVE-2018-8404 high
- CVE-2018-8399 high
- CVE-2018-8253 warning
- CVE-2018-8341 warning
- CVE-2018-8200 high
- CVE-2018-8344 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!