KLA11219 PE vulnerability in Microsoft Products (ESU)

2018-03-29T00:00:00
ID KLA11219
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-06-18T00:00:00

Description

Detect date:

03/29/2018

Severity:

High

Description:

PE vulnerability was found in Microsoft Products (Extended Support Update). Malicious users can exploit this vulnerability to gain privileges.

Affected products:

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2018-1038

Impacts:

PE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2018-10387.2High

Microsoft official advisories:

KB list:

4100480

Exploitation:

The following public exploits exists for this vulnerability: