Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11894
HistoryMay 08, 2018 - 12:00 a.m.

KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)

2018-05-0800:00:00
Kaspersky Lab
threats.kaspersky.com
39

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON

Detect date:

05/08/2018

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.

Exploitation:

Public exploits exist for this vulnerability.

Affected products:

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Server, version 1803 (Server Core Installation)
Internet Explorer 9
Windows 10 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012
ChakraCore
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 11
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2016
Windows 10 Version 1709 for x64-based Systems
Windows RT 8.1
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows 10 Version 1703 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Microsoft Edge (EdgeHTML-based)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1803 for 32-bit Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 10
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1709 for 32-bit Systems
Windows Server 2012 R2
Windows 10 Version 1803 for x64-based Systems

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2018-0959
CVE-2018-0954
CVE-2018-8167
CVE-2018-8166
CVE-2018-8164
CVE-2018-8174
CVE-2018-8136
CVE-2018-8897
CVE-2018-0955
CVE-2018-0824
CVE-2018-8120
CVE-2018-8127
CVE-2018-8124

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2018-81677.0High
CVE-2018-81667.0High
CVE-2018-81647.8Critical
CVE-2018-88977.8Critical
CVE-2018-81207.0High
CVE-2018-81275.5High
CVE-2018-81247.0High
CVE-2018-08247.5Critical
CVE-2018-81747.5Critical
CVE-2018-81367.8Critical
CVE-2018-09597.6Critical
CVE-2018-09547.5Critical
CVE-2018-09557.5Critical

KB list:

4103712
4103718
4134651
4131188
4094079
4130944
4101477
4130956
4103768

Microsoft official advisories:

References

Related

nessus 22
mskb 19
prion 13
attackerkb 3
cve 13
openvas 8
kaspersky 1
thn 2
threatpost 4
malwarebytes 7
packetstorm 3
symantec 12
securelist 7
metasploit 3
checkpoint_advisories 8
cisa_kev 2
mscve 13
canvas 2
zdt 5
zdi 5
qualysblog 2
fireeye 2
krebs 1
myhack58 3
exploitdb 3
hackread 1
veracode 1
ubuntucve 1
cert 1
exploitpack 2
photon 1
oraclelinux 3
debiancve 1
huawei 2
cisa 1
redhatcve 1
xen 1
redhat 4
freebsd 1
trellix 2
osv 2
f5 1
freebsd_advisory 1
trendmicroblog 1
mssecure 1
seebug 1
googleprojectzero 1
talosblog 2
srcincite 2
githubexploit 1
nessus
nessus
Security Updates for Windows Server 2008 (May 2018)
2018-05-09 00:00:00
KB4103726: Windows Server 2012 May 2018 Security Update
2018-05-08 00:00:00
KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update
2018-05-08 00:00:00
mskb
mskb
May 8, 2018—KB4103712 (Security-only update)
2018-05-08 07:00:00
May 8, 2018—KB4103730 (Monthly Rollup)
2018-05-08 07:00:00
May 8, 2018—KB4103726 (Security-only update)
2018-05-08 07:00:00
prion
prion
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
attackerkb
attackerkb
CVE-2018-8164
2018-05-09 00:00:00
CVE-2018-8120
2018-05-09 00:00:00
CVE-2018-8174
2018-05-09 00:00:00
cve
cve
CVE-2018-8124
2018-05-09 19:29:00
CVE-2018-8120
2018-05-09 19:29:00
CVE-2018-8164
2018-05-09 19:29:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103718)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103725)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103723)
2018-05-09 00:00:00
kaspersky
kaspersky
KLA11241 Multiple vulnerabilities in Microsoft Windows
2018-05-08 00:00:00
thn
thn
Microsoft Patches Two Zero-Day Flaws Under Active Attack
2018-05-09 06:14:00
Two Zero-Day Exploits Found After Someone Uploaded 'Unarmed' PoC to VirusTotal
2018-07-02 18:28:00
threatpost
threatpost
May Patch Tuesday Fixes Two Bugs Under Active Attack
2018-05-08 20:42:20
ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks
2019-05-13 16:46:09
Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked
2018-05-10 15:37:07
malwarebytes
malwarebytes
Adobe Reader zero-day discovered alongside Windows vulnerability
2018-05-15 18:44:14
Maze: the ransomware that introduced an extra twist
2020-05-29 15:00:00
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
2018-09-26 17:13:26
packetstorm
packetstorm
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-19 00:00:00
Microsoft Internet Explorer 11 Vbscript Code Execution
2018-05-24 00:00:00
Microsoft Windows POP/MOV SS Local Privilege Elevation
2018-07-13 00:00:00
symantec
symantec
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8120 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8164 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8124 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
securelist
securelist
ScarCruft continues to evolve, introduces Bluetooth harvester
2019-05-13 10:00:03
CactusPete APT group’s updated Bisonal backdoor
2020-08-13 10:00:09
A mining multitool
2018-07-26 10:00:25
metasploit
metasploit
Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-10 19:41:14
Windows unmarshal post exploitation
2018-10-19 23:15:44
Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability
2018-07-13 06:11:37
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2018-8167)
2018-05-08 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
2018-05-08 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2018-8120)
2018-05-08 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-03-15 00:00:00
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
2022-02-15 00:00:00
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
canvas
canvas
Immunity Canvas: SETIMEINFOEX_LPE
2018-05-09 19:29:00
Immunity Canvas: UNMARSHAL_TO_SYSTEM
2018-09-07 14:29:00
zdt
zdt
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
2018-10-22 00:00:00
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-19 00:00:00
Microsoft Internet Explorer 11 #InternetExplorer #IE (#Windows7 x64/x86) - vbscript Code Execution E
2018-05-24 00:00:00
zdi
zdi
(Pwn2Own) Microsoft Windows D3DKMTCreateDCFromMemory Memory Corruption Privilege Escalation Vulnerability
2018-06-08 00:00:00
Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability
2018-05-14 00:00:00
Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability
2018-06-05 00:00:00
qualysblog
qualysblog
May 2018 Patch Tuesday – Medium Weight, However One Active Exploit Needs Attention
2018-05-08 18:20:24
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
2018-05-14 18:47:42
fireeye
fireeye
Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware
2018-09-06 11:00:00
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
2020-05-07 00:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2018 Edition
2018-05-08 20:38:16
myhack58
myhack58
The Windows VBScript Engine RCE vulnerability of CVE-2018-8174 analysis and use-vulnerability and early warning-the black bar safety net
2018-11-08 00:00:00
CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net
2018-06-01 00:00:00
To see the Hidden Bee how to use a new vulnerability propagation-vulnerability warning-the black bar safety net
2018-08-07 00:00:00
exploitdb
exploitdb
Microsoft Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
2018-10-22 00:00:00
Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
2018-07-13 00:00:00
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
2018-05-22 00:00:00
hackread
hackread
New backdoor malware hits Slack and Github platforms
2019-03-08 15:56:09
veracode
veracode
Local Privilege Escalation
2019-01-15 09:21:51
ubuntucve
ubuntucve
CVE-2018-8897
2018-05-08 00:00:00
cert
cert
Hardware debug exception documentation may result in unexpected behavior
2018-05-08 00:00:00
exploitpack
exploitpack
Microsoft Windows - POPMOV SS Privilege Escalation
2018-05-22 00:00:00
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A
2018-05-03 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
kernel security update
2018-09-18 00:00:00
debiancve
debiancve
CVE-2018-8897
2018-05-08 18:29:00
huawei
huawei
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
cisa
cisa
Debug Exception May Cause Unexpected Behavior
2018-05-08 00:00:00
redhatcve
redhatcve
CVE-2018-8897
2020-04-07 11:35:31
xen
xen
x86: mishandling of debug exceptions
2018-05-08 16:45:00
redhat
redhat
(RHSA-2018:1353) Moderate: kernel security update
2018-05-08 21:59:19
(RHSA-2018:1352) Moderate: kernel security update
2018-05-08 21:59:05
(RHSA-2018:1349) Moderate: kernel security and bug fix update
2018-05-08 20:59:57
freebsd
freebsd
FreeBSD -- Mishandling of x86 debug exceptions
2018-05-08 00:00:00
trellix
trellix
Rapidly Evolving Ransomware Gandcrab Version
2018-10-10 00:00:00
Rapidly Evolving Ransomware Gandcrab Version
2018-10-10 00:00:00
osv
osv
CVE-2018-8897
2018-05-08 18:29:00
linux - security update
2018-05-08 00:00:00
f5
f5
K17403481 : Linux kernel vulnerability CVE-2018-8897
2018-05-15 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:06.debugreg
2018-05-08 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 7, 2018
2018-05-11 15:37:20
mssecure
mssecure
Taking apart a double zero-day sample discovered in joint hunt with ESET
2018-07-02 15:00:00
seebug
seebug
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)
2018-05-21 00:00:00
googleprojectzero
googleprojectzero
On VBScript
2018-12-19 00:00:00
talosblog
talosblog
Welcome Spelevo: New exploit kit full of old tricks
2019-06-27 13:27:21
Microsoft Patch Tuesday - May 2018
2018-05-08 12:02:00
srcincite
srcincite
SRC-2019-0009 : Foxit Reader SDK ActiveX Launch Action New Window Command Injection Remote Code Execution Vulnerability
2018-11-20 00:00:00
SRC-2019-0010 : Foxit Reader SDK ActiveX URI Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability
2018-11-20 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2019-05-23 10:28:40

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON
Related for KLA11894
nessus22mskb19prion13attackerkb3cve13openvas8kaspersky1thn2threatpost4malwarebytes7packetstorm3symantec12securelist7metasploit3checkpoint_advisories8cisa_kev2mscve13canvas2zdt5zdi5qualysblog2fireeye2krebs1myhack583exploitdb3hackread1veracode1ubuntucve1cert1exploitpack2photon1oraclelinux3debiancve1huawei2cisa1redhatcve1xen1redhat4freebsd1trellix2osv2f51freebsd_advisory1trendmicroblog1mssecure1seebug1googleprojectzero1talosblog2srcincite2githubexploit1