Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
A denial of service vulnerability in Windows Firewall can be exploited remotely to cause denial of service.
A denial of service vulnerability in Windows can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
A security feature bypass vulnerability in WordPad can be exploited remotely to bypass security restrictions.
A denial of service vulnerability in Windows DNSAPI can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.

Первичный источник обнаружения

CVE-2018-8314
CVE-2018-8242
CVE-2018-0949
CVE-2018-8206
CVE-2018-8309
CVE-2018-8308
CVE-2018-8307
CVE-2018-8304
CVE-2018-8282

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2018-8282
high
CVE-2018-8314
warning
CVE-2018-8307
high
CVE-2018-8309
warning
CVE-2018-8304
high
CVE-2018-8308
critical
CVE-2018-8206
critical
CVE-2018-0949
warning
CVE-2018-8242
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!