Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows ALPC can be exploited remotely via specially crafted application to gain privileges.
- A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Microsoft JET Database Engine can be exploited remotely via specially crafted to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
- A denial of service vulnerability in Windows SMB can be exploited remotely via specially crafted requests to cause denial of service.
- An information disclosure vulnerability in Windows SMB can be exploited remotely via specially crafted packet to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Win32k Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
- An information disclosure vulnerability in Windows can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Windows can be exploited remotely via specially crafted image to execute arbitrary code.
- An information disclosure vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in MS XML can be exploited remotely via specially crafted website to execute arbitrary code.
- A security feature bypass vulnerability in Device Guard can be exploited remotely to bypass security restrictions.
- A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
- An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to bypass security restrictions.
Original advisories
- CVE-2018-8462
- CVE-2018-8442
- CVE-2018-8440
- CVE-2018-8438
- CVE-2018-8455
- CVE-2018-8392
- CVE-2018-8410
- CVE-2018-8335
- CVE-2018-8444
- CVE-2018-8441
- CVE-2018-8332
- CVE-2018-0965
- CVE-2018-8271
- CVE-2018-8437
- CVE-2018-8443
- CVE-2018-8475
- CVE-2018-8419
- CVE-2018-8434
- CVE-2018-8420
- CVE-2018-8436
- CVE-2018-8439
- CVE-2018-8449
- CVE-2018-8435
- CVE-2018-8424
- CVE-2018-8468
- CVE-2018-8393
- CVE-2018-8445
- CVE-2018-8337
- CVE-2018-8446
- ADV180022
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
CVE list
- CVE-2018-8433 warning
- CVE-2018-8462 critical
- CVE-2018-8442 high
- CVE-2018-8440 critical
- CVE-2018-8438 high
- CVE-2018-8455 critical
- CVE-2018-8392 critical
- CVE-2018-8410 critical
- CVE-2018-8335 critical
- CVE-2018-8444 high
- CVE-2018-8441 critical
- CVE-2018-8332 critical
- CVE-2018-0965 critical
- CVE-2018-8271 high
- CVE-2018-8437 high
- CVE-2018-8443 high
- CVE-2018-8475 critical
- CVE-2018-8419 high
- CVE-2018-8434 high
- CVE-2018-8420 critical
- CVE-2018-8436 high
- CVE-2018-8439 critical
- CVE-2018-8449 warning
- CVE-2018-8435 warning
- CVE-2018-8424 high
- CVE-2018-8468 warning
- CVE-2018-8393 critical
- CVE-2018-8445 high
- CVE-2018-8337 high
- CVE-2018-8446 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!