Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11241
HistoryMay 08, 2018 - 12:00 a.m.

KLA11241 Multiple vulnerabilities in Microsoft Windows

2018-05-0800:00:00
Kaspersky Lab
threats.kaspersky.com
1129

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON

Detect date:

05/08/2018

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code.

Affected products:

Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server, version 1803 (Server Core Installation)
Windows Server 2016 (Server Core installation)
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2018-8167
CVE-2018-8166
CVE-2018-8165
CVE-2018-8164
CVE-2018-8897
CVE-2018-8141
CVE-2018-8129
CVE-2018-8142
CVE-2018-8127
CVE-2018-8124
CVE-2018-0961
CVE-2018-0824
CVE-2018-8170
CVE-2018-8174
CVE-2018-8134
CVE-2018-8136
CVE-2018-8132
CVE-2018-0854
CVE-2018-0958
CVE-2018-0959

Impacts:

ACE

Related products:

Microsoft Windows Server 2012

CVE-IDS:

CVE-2018-81674.4Warning
CVE-2018-81666.9High
CVE-2018-81657.2High
CVE-2018-81647.2High
CVE-2018-88977.2High
CVE-2018-81411.9Warning
CVE-2018-81294.6Warning
CVE-2018-81424.6Warning
CVE-2018-81272.1Warning
CVE-2018-81246.9High
CVE-2018-09617.4High
CVE-2018-08245.1High
CVE-2018-81704.4Warning
CVE-2018-81747.6Critical
CVE-2018-81346.9High
CVE-2018-81369.3Critical
CVE-2018-81324.6Warning
CVE-2018-08544.6Warning
CVE-2018-09584.6Warning
CVE-2018-09597.4High

Microsoft official advisories:

KB list:

4093112
4103723
4103716
4103731
4103715
4103721
4103730
4103726
4103727
4103725
4093107
4093119
4103728

Exploitation:

Public exploits exist for this vulnerability.

References

Related

mskb 18
kaspersky 1
nessus 17
cve 21
prion 21
thn 1
threatpost 3
openvas 8
attackerkb 3
qualysblog 2
trendmicroblog 1
talosblog 2
symantec 20
mscve 20
checkpoint_advisories 6
zdi 6
zdt 5
fireeye 2
malwarebytes 5
krebs 1
myhack58 2
metasploit 2
securelist 3
packetstorm 2
hackread 1
cisa_kev 1
exploitpack 1
photon 1
oraclelinux 3
debiancve 1
huawei 2
cisa 1
redhatcve 1
xen 1
veracode 1
cert 1
ubuntucve 1
redhat 2
freebsd 1
osv 1
f5 1
freebsd_advisory 1
exploitdb 2
googleprojectzero 1
srcincite 1
canvas 1
mskb
mskb
May 8, 2018—KB4103715 (Security-only update)
2018-05-08 07:00:00
May 8, 2018—KB4103726 (Security-only update)
2018-05-08 07:00:00
May 8, 2018—KB4103712 (Security-only update)
2018-05-08 07:00:00
kaspersky
kaspersky
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
2018-05-08 00:00:00
nessus
nessus
Security Updates for Windows Server 2008 (May 2018)
2018-05-09 00:00:00
KB4103726: Windows Server 2012 May 2018 Security Update
2018-05-08 00:00:00
KB4103715: Windows 8.1 and Windows Server 2012 R2 May 2018 Security Update
2018-05-08 00:00:00
cve
cve
CVE-2018-8132
2018-05-09 19:29:00
CVE-2018-8129
2018-05-09 19:29:00
CVE-2018-0958
2018-05-09 19:29:00
prion
prion
Security feature bypass
2018-05-09 19:29:00
Security feature bypass
2018-05-09 19:29:00
Security feature bypass
2018-05-09 19:29:00
thn
thn
Microsoft Patches Two Zero-Day Flaws Under Active Attack
2018-05-09 06:14:00
threatpost
threatpost
May Patch Tuesday Fixes Two Bugs Under Active Attack
2018-05-08 20:42:20
Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked
2018-05-10 15:37:07
Darkhotel Exploits Microsoft Zero-Day VBScript Flaw
2018-08-20 16:39:26
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103725)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103723)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103718)
2018-05-09 00:00:00
attackerkb
attackerkb
CVE-2018-8164
2018-05-09 00:00:00
CVE-2018-8120
2018-05-09 00:00:00
CVE-2018-8174
2018-05-09 00:00:00
qualysblog
qualysblog
May 2018 Patch Tuesday – Medium Weight, However One Active Exploit Needs Attention
2018-05-08 18:20:24
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
2018-05-14 18:47:42
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 7, 2018
2018-05-11 15:37:20
talosblog
talosblog
Microsoft Patch Tuesday - May 2018
2018-05-08 12:02:00
Welcome Spelevo: New exploit kit full of old tricks
2019-06-27 13:27:21
symantec
symantec
Microsoft Windows Kernel Image CVE-2018-8170 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8124 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8164 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
mscve
mscve
Windows Image Elevation of Privilege Vulnerability
2018-05-08 07:00:00
Windows Security Feature Bypass Vulnerability
2018-05-08 07:00:00
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2018-8167)
2018-05-08 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
2018-05-08 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2018-8124)
2018-05-08 00:00:00
zdi
zdi
Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability
2018-05-14 00:00:00
(Pwn2Own) Microsoft Windows D3DKMTCreateDCFromMemory Memory Corruption Privilege Escalation Vulnerability
2018-06-08 00:00:00
(Pwn2Own) Microsoft Windows DirectX Integer Overflow Privilege Escalation Vulnerability
2018-06-08 00:00:00
zdt
zdt
Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation Exploit
2018-05-16 00:00:00
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-19 00:00:00
Microsoft Internet Explorer 11 #InternetExplorer #IE (#Windows7 x64/x86) - vbscript Code Execution E
2018-05-24 00:00:00
fireeye
fireeye
Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware
2018-09-06 11:00:00
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
2020-05-07 00:00:00
malwarebytes
malwarebytes
Maze: the ransomware that introduced an extra twist
2020-05-29 15:00:00
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
2018-09-26 17:13:26
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
2020-07-21 15:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2018 Edition
2018-05-08 20:38:16
myhack58
myhack58
The Windows VBScript Engine RCE vulnerability of CVE-2018-8174 analysis and use-vulnerability and early warning-the black bar safety net
2018-11-08 00:00:00
To see the Hidden Bee how to use a new vulnerability propagation-vulnerability warning-the black bar safety net
2018-08-07 00:00:00
metasploit
metasploit
Windows unmarshal post exploitation
2018-10-19 23:15:44
Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability
2018-07-13 06:11:37
securelist
securelist
CactusPete APT group’s updated Bisonal backdoor
2020-08-13 10:00:09
Delving deep into VBScript
2018-07-03 13:00:13
IT threat evolution Q2 2018
2018-08-06 10:00:53
packetstorm
packetstorm
Microsoft Internet Explorer 11 Vbscript Code Execution
2018-05-24 00:00:00
Microsoft Windows POP/MOV SS Local Privilege Elevation
2018-07-13 00:00:00
hackread
hackread
New backdoor malware hits Slack and Github platforms
2019-03-08 15:56:09
cisa_kev
cisa_kev
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
2022-02-15 00:00:00
exploitpack
exploitpack
Microsoft Windows - POPMOV SS Privilege Escalation
2018-05-22 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A
2018-05-03 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
kernel security update
2018-09-18 00:00:00
debiancve
debiancve
CVE-2018-8897
2018-05-08 18:29:00
huawei
huawei
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
cisa
cisa
Debug Exception May Cause Unexpected Behavior
2018-05-08 00:00:00
redhatcve
redhatcve
CVE-2018-8897
2020-04-07 11:35:31
xen
xen
x86: mishandling of debug exceptions
2018-05-08 16:45:00
veracode
veracode
Local Privilege Escalation
2019-01-15 09:21:51
cert
cert
Hardware debug exception documentation may result in unexpected behavior
2018-05-08 00:00:00
ubuntucve
ubuntucve
CVE-2018-8897
2018-05-08 00:00:00
redhat
redhat
(RHSA-2018:1352) Moderate: kernel security update
2018-05-08 21:59:05
(RHSA-2018:1353) Moderate: kernel security update
2018-05-08 21:59:19
freebsd
freebsd
FreeBSD -- Mishandling of x86 debug exceptions
2018-05-08 00:00:00
osv
osv
CVE-2018-8897
2018-05-08 18:29:00
f5
f5
K17403481 : Linux kernel vulnerability CVE-2018-8897
2018-05-15 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:06.debugreg
2018-05-08 00:00:00
exploitdb
exploitdb
Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
2018-07-13 00:00:00
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
2018-05-22 00:00:00
googleprojectzero
googleprojectzero
On VBScript
2018-12-19 00:00:00
srcincite
srcincite
SRC-2019-0009 : Foxit Reader SDK ActiveX Launch Action New Window Command Injection Remote Code Execution Vulnerability
2018-11-20 00:00:00
canvas
canvas
Immunity Canvas: UNMARSHAL_TO_SYSTEM
2018-09-07 14:29:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON
Related for KLA11241
mskb18kaspersky1nessus17cve21prion21thn1threatpost3openvas8attackerkb3qualysblog2trendmicroblog1talosblog2symantec20mscve20checkpoint_advisories6zdi6zdt5fireeye2malwarebytes5krebs1myhack582metasploit2securelist3packetstorm2hackread1cisa_kev1exploitpack1photon1oraclelinux3debiancve1huawei2cisa1redhatcve1xen1veracode1cert1ubuntucve1redhat2freebsd1osv1f51freebsd_advisory1exploitdb2googleprojectzero1srcincite1canvas1