Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
2. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
3. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely via specially crafted application to gain privileges.
4. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
5. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
6. A security feature bypass vulnerability in Windows can be exploited remotely to bypass security restrictions.
7. A remote code execution vulnerability in Hyper-V vSMB can be exploited remotely via specially crafted application to execute arbitrary code.
8. A remote code execution vulnerability in Microsoft COM for Windows can be exploited remotely via specially crafted file to execute arbitrary code.
9. An elevation of privilege vulnerability in Windows Image can be exploited remotely via specially crafted application to gain privileges.
10. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.
11. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
12. A remote code execution vulnerability in Windows can be exploited remotely via specially crafted document to execute arbitrary code.
13. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.

Первичный источник обнаружения

• CVE-2018-8167
  CVE-2018-8166
  CVE-2018-8165
  CVE-2018-8164
  CVE-2018-8897
  CVE-2018-8141
  CVE-2018-8129
  CVE-2018-8142
  CVE-2018-8127
  CVE-2018-8124
  CVE-2018-0961
  CVE-2018-0824
  CVE-2018-8170
  CVE-2018-8174
  CVE-2018-8134
  CVE-2018-8136
  CVE-2018-8132
  CVE-2018-0854
  CVE-2018-0958
  CVE-2018-0959
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Microsoft-Windows-10

Список CVE

• CVE-2018-8167
  high
• CVE-2018-8166
  high
• CVE-2018-8165
  critical
• CVE-2018-8164
  critical
• CVE-2018-8897
  critical
• CVE-2018-8141
  warning
• CVE-2018-8129
  high
• CVE-2018-8142
  high
• CVE-2018-8127
  high
• CVE-2018-8124
  high
• CVE-2018-0961
  critical
• CVE-2018-0824
  critical
• CVE-2018-8170
  high
• CVE-2018-8174
  critical
• CVE-2018-8134
  high
• CVE-2018-8136
  critical
• CVE-2018-8132
  high
• CVE-2018-0854
  high
• CVE-2018-0958
  high
• CVE-2018-0959
  critical

Список KB

• 4093112
• 4103723
• 4103716
• 4103731
• 4103715
• 4103721
• 4103730
• 4103726
• 4103727
• 4103725
• 4093107
• 4093119
• 4103728

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com