Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

A security feature bypass vulnerability in Windows DNS can be exploited remotely to bypass security restrictions.
An elevation of privilege vulnerability in Microsoft Filter Manager can be exploited remotely via specially crafted file to gain privileges.
A remote code execution vulnerability in Microsoft JET Database Engine can be exploited remotely via specially crafted to execute arbitrary code.
A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
An information disclosure vulnerability in DirectX can be exploited remotely via specially crafted application to obtain sensitive information.
An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
An information disclosure vulnerability in Windows TCP/IP can be exploited remotely via specially crafted fragmented to obtain sensitive information.
An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
A security feature bypass vulnerability in Device Guard Code Integrity Policy can be exploited remotely to bypass security restrictions.
An information disclosure vulnerability in Windows Media Player can be exploited remotely via specially crafted hyperlink to obtain sensitive information.
An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely via specially crafted image to obtain sensitive information.
A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
A remote code execution vulnerability in Windows Theme API can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Linux On Windows can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in NTFS can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in MS XML can be exploited remotely via specially crafted website to execute arbitrary code.
A remote code execution vulnerability in Windows Shell can be exploited remotely via specially crafted website to execute arbitrary code.
An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2018-8320
warning
CVE-2018-8333
high
CVE-2018-8423
critical
CVE-2018-8432
critical
CVE-2018-8486
high
CVE-2018-8330
high
CVE-2018-8493
critical
CVE-2018-8472
high
CVE-2018-8492
high
CVE-2018-8481
warning
CVE-2018-8482
warning
CVE-2018-8506
high
CVE-2018-8490
critical
CVE-2018-8413
critical
CVE-2018-8329
critical
CVE-2018-8453
critical
CVE-2018-8411
critical
CVE-2018-8494
critical
CVE-2018-8495
critical
CVE-2018-8484
critical
CVE-2018-8489
critical
CVE-2018-8497
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!