Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11207
HistoryMar 13, 2018 - 12:00 a.m.

KLA11207 Multiple vulnerabilities in Microsoft Windows

2018-03-1300:00:00
Kaspersky Lab
threats.kaspersky.com
167

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.708 High

EPSS

Percentile

98.0%

JSON

Detect date:

03/13/2018

Severity:

High

Description:

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, cause denial of service.

Affected products:

Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows 10 Version 1803 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2016 (Server Core installation)
Windows Server, version 1709 (Server Core Installation)
Windows Server 2019
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2018-0811
CVE-2018-0813
CVE-2018-0814
CVE-2018-0816
CVE-2018-0817
CVE-2018-0868
CVE-2018-0877
CVE-2018-0878
CVE-2018-0880
CVE-2018-0881
CVE-2018-0882
CVE-2018-0883
CVE-2018-0884
CVE-2018-0885
CVE-2018-0886
CVE-2018-0888
CVE-2018-0894
CVE-2018-0895
CVE-2018-0896
CVE-2018-0897
CVE-2018-0898
CVE-2018-0899
CVE-2018-0900
CVE-2018-0901
CVE-2018-0902
CVE-2018-0904
CVE-2018-0926
CVE-2018-0977
CVE-2018-0983

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2018-08112.1Warning
CVE-2018-08132.1Warning
CVE-2018-08142.1Warning
CVE-2018-08166.9High
CVE-2018-08176.9High
CVE-2018-08686.9High
CVE-2018-08777.2High
CVE-2018-08782.6Warning
CVE-2018-08806.9High
CVE-2018-08816.9High
CVE-2018-08826.9High
CVE-2018-08837.6Critical
CVE-2018-08844.6Warning
CVE-2018-08856.3High
CVE-2018-08867.6Critical
CVE-2018-08884.7Warning
CVE-2018-08941.9Warning
CVE-2018-08951.9Warning
CVE-2018-08961.9Warning
CVE-2018-08971.9Warning
CVE-2018-08981.9Warning
CVE-2018-08991.9Warning
CVE-2018-09001.9Warning
CVE-2018-09011.9Warning
CVE-2018-09024.6Warning
CVE-2018-09041.9Warning
CVE-2018-09262.1Warning
CVE-2018-09776.9High
CVE-2018-09836.9High

Microsoft official advisories:

KB list:

4103723
4088782
4088787
4088786
4088779
4088877
4088776
4088876
4088879
4088880
4103716
4103731
4103715
4103721
4103730
4103726
4103727
4103725
4556799
4551853

Exploitation:

Public exploits exist for this vulnerability.

References

Related

mskb 20
prion 30
cve 30
nessus 10
kaspersky 1
openvas 6
talosblog 1
trendmicroblog 1
qualysblog 1
threatpost 1
zdt 9
mscve 29
packetstorm 1
seebug 10
thn 2
symantec 29
checkpoint_advisories 7
zdi 3
exploitpack 3
exploitdb 3
ics 1
googleprojectzero 1
mskb
mskb
March 13, 2018—KB4088879 (Security-only update)
2018-03-13 07:00:00
March 13, 2018—KB4088880 (Security-only update)
2018-03-13 07:00:00
March 13, 2018—KB4088878 (Security-only update)
2018-03-13 07:00:00
prion
prion
Information disclosure
2018-03-14 17:29:00
Information disclosure
2018-03-14 17:29:00
Information disclosure
2018-03-14 17:29:00
cve
cve
CVE-2018-0894
2018-03-14 17:29:00
CVE-2018-0899
2018-03-14 17:29:00
CVE-2018-0901
2018-03-14 17:29:00
nessus
nessus
Security Updates for Windows Server 2008 (March 2018)
2018-03-13 00:00:00
KB4088880: Windows Server 2012 March 2018 Security Update (Meltdown)(Spectre)
2018-03-13 00:00:00
KB4088879: Windows 8.1 and Windows Server 2012 R2 March 2018 Security Update (Meltdown)(Spectre)
2018-03-13 00:00:00
kaspersky
kaspersky
KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
2018-03-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4088876)
2018-03-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4088875)
2018-03-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4088787)
2018-03-14 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - March 2018
2018-03-13 14:38:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 12, 2018
2018-03-16 15:14:43
qualysblog
qualysblog
March Patch Tuesday – 75 Microsoft vulnerabilities, 7 for Adobe
2018-03-13 18:39:45
threatpost
threatpost
Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update
2018-03-13 18:25:37
zdt
zdt
Microsoft Windows - Desktop Bridge VFS Privilege Escalation Exploit
2018-03-20 00:00:00
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) 64-bit Pool Memory
2018-03-20 00:00:00
Microsoft Windows Kernel - NtQueryInformationThread(ThreadBasicInformation) 64-bit Stack Memory Disc
2018-03-20 00:00:00
mscve
mscve
Windows Desktop Bridge Elevation of Privilege Vulnerability
2018-03-13 07:00:00
Windows Remote Assistance Information Disclosure Vulnerability
2018-03-13 07:00:00
Windows Kernel Information Disclosure Vulnerability
2018-03-13 07:00:00
packetstorm
packetstorm
Microsoft Windows Remote Assistance XXE Injection
2018-03-28 00:00:00
seebug
seebug
Windows Kernel 64-bit pool memory disclosure in NtQueryVirtualMemory(MemoryMappedFilenameInformation)(CVE-2018-0894)
2018-03-23 00:00:00
Windows Kernel 64-bit pool memory disclosure via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries)(CVE-2018-0898)
2018-03-23 00:00:00
Windows Kernel 64-bit stack memory disclosure in msrpc!LRPC_CASSOCIATION::AlpcSendCancelMessage(CVE-2018-0896)
2018-03-23 00:00:00
thn
thn
Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files
2018-03-20 18:56:00
CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows
2018-03-13 18:06:00
symantec
symantec
Microsoft Windows Desktop Bridge VFS CVE-2018-0877 Local Privilege Escalation Vulnerability
2018-03-13 00:00:00
Microsoft Windows Desktop Bridge CVE-2018-0882 Local Privilege Escalation Vulnerability
2018-03-13 00:00:00
Microsoft Windows GDI Component CVE-2018-0816 Local Privilege Escalation Vulnerability
2018-03-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Remote Assistance XXE Injection Information Disclosure (CVE-2018-0878)
2018-03-20 00:00:00
Microsoft Windows Desktop Bridge VFS Elevation of Privilege (CVE-2018-0877)
2018-03-13 00:00:00
Microsoft Windows GDI Elevation of Privilege (CVE-2018-0817)
2018-03-13 00:00:00
zdi
zdi
Microsoft Windows Remote Assistance XML External Entity Processing Information Disclosure Vulnerability
2018-03-19 00:00:00
Microsoft Windows Font Creation Race Condition Privilege Escalation Vulnerability
2018-03-19 00:00:00
Microsoft Windows BasicRender Untrusted Pointer Dereference Privilege Escalation Vulnerability
2018-03-19 00:00:00
exploitpack
exploitpack
Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
2018-06-20 00:00:00
Microsoft Windows Remote Assistance - XML External Entity Injection
2018-03-28 00:00:00
Microsoft Credential Security Support Provider - Remote Code Execution
2018-04-13 00:00:00
exploitdb
exploitdb
Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
2018-06-20 00:00:00
Microsoft Windows Remote Assistance - XML External Entity Injection
2018-03-28 00:00:00
Microsoft Credential Security Support Provider - Remote Code Execution
2018-04-13 00:00:00
ics
ics
PEPPERL+FUCHS VisuNet RM, VisuNet PC, and Box Thin Client
2018-07-17 12:00:00
googleprojectzero
googleprojectzero
Hunting for Bugs in Windows Mini-Filter Drivers
2021-01-14 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.708 High

EPSS

Percentile

98.0%

JSON
Related for KLA11207
mskb20prion30cve30nessus10kaspersky1openvas6talosblog1trendmicroblog1qualysblog1threatpost1zdt9mscve29packetstorm1seebug10thn2symantec29checkpoint_advisories7zdi3exploitpack3exploitdb3ics1googleprojectzero1