Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisaCISACISA:AFED810A1B96D9158C0497156BFFC453
HistoryJan 04, 2019 - 12:00 a.m.

CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

2019-01-0400:00:00
us-cert.cisa.gov
11

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CCโ€™s Vulnerability Notes VU#289907 and VU#531281 and Microsoftโ€™s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; weโ€™d welcome your feedback.

Related

symantec 2
cert 2
prion 2
mscve 2
cve 2
attackerkb 1
cisa_kev 1
thn 2
mskb 14
threatpost 2
qualysblog 1
securelist 4
krebs 1
openvas 8
nessus 10
kaspersky 2
talosblog 1
symantec
symantec
Microsoft Windows DNS Server CVE-2018-8626 Heap Buffer Overflow Vulnerability
2018-12-11 00:00:00
Microsoft Windows Kernel CVE-2018-8611 Local Privilege Escalation Vulnerability
2018-12-11 00:00:00
cert
cert
Microsoft Windows DNS servers are vulnerable to heap overflow
2019-01-04 00:00:00
Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition
2019-01-04 00:00:00
prion
prion
Remote code execution
2018-12-12 00:29:00
Privilege escalation
2018-12-12 00:29:00
mscve
mscve
Windows DNS Server Heap Overflow Vulnerability
2018-12-11 08:00:00
Windows Kernel Elevation of Privilege Vulnerability
2018-12-11 08:00:00
cve
cve
CVE-2018-8626
2018-12-12 00:29:00
CVE-2018-8611
2018-12-12 00:29:00
attackerkb
attackerkb
CVE-2018-8611
2018-12-12 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Kernel Privilege Escalation Vulnerability
2022-05-24 00:00:00
thn
thn
Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack
2018-12-12 08:48:00
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
2023-09-23 11:10:00
mskb
mskb
December 11, 2018โ€”KB4471322 (Security-only update)
2018-12-11 08:00:00
December 11, 2018โ€”KB4471320 (Monthly Rollup)
2018-12-11 08:00:00
December 11, 2018โ€”KB4471319 (Security-only update)
2018-12-11 08:00:00
threatpost
threatpost
Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay
2018-12-11 22:02:00
Windows Zero-Day Emerges in Active Exploits
2019-04-16 16:13:33
qualysblog
qualysblog
December 2018 Patch Tuesday โ€“ 39 Vulns, Workstation Patches, Adobe Vulns
2018-12-11 19:21:42
securelist
securelist
Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)
2018-12-12 08:00:24
The fourth horseman: CVE-2019-0797 vulnerability
2019-03-13 10:00:52
New zero-day vulnerability CVE-2019-0859 in win32k.sys
2019-04-15 10:00:56
krebs
krebs
Patch Tuesday, December 2018 Edition
2018-12-11 21:05:41
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4471320)
2018-12-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4471329)
2018-12-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4471321)
2018-12-12 00:00:00
nessus
nessus
KB4471324: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 Security Update
2018-12-11 00:00:00
KB4471329: Windows 10 Version 1709 and Windows Server Version 1709 December 2018 Security Update
2018-12-11 00:00:00
KB4471322: Windows 8.1 and Windows Server 2012 R2 December 2018 Security Update
2018-12-11 00:00:00
kaspersky
kaspersky
KLA11385 Multiple vulnerabilities in Microsoft Windows
2018-12-11 00:00:00
KLA11884 Multiple vulnerability in Microsoft Products (ESU)
2018-12-11 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday โ€” December 2018: Vulnerability disclosures and Snort coverage
2018-12-11 10:35:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for CISA:AFED810A1B96D9158C0497156BFFC453
symantec2cert2prion2mscve2cve2attackerkb1cisa_kev1thn2mskb14threatpost2qualysblog1securelist4krebs1openvas8nessus10kaspersky2talosblog1