Lucene search

K
mskbMicrosoftKB4074603
HistoryFeb 13, 2018 - 8:00 a.m.

Description of the security update for the Windows Kernel vulnerabilities in Windows Server 2008, WES09, and POSReady 2009: February 13, 2018

2018-02-1308:00:00
Microsoft
support.microsoft.com
25

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.9%

Description of the security update for the Windows Kernel vulnerabilities in Windows Server 2008, WES09, and POSReady 2009: February 13, 2018

Summary

Vulnerabilities exist in the way that the Windows Kernel handles objects in memory.

To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE) pages:

  • CVE-2018-0742 | Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2018-0757 | Windows Kernel Information Disclosure Vulnerability
  • CVE-2018-0810 | Windows Kernel Information Disclosure Vulnerability

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: February 13, 2018

More Information

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2008 file information

Note: The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information for Windows Server 2008

File hash information

File name SHA1 hash SHA256 hash
Windows6.0-KB4074603-x86.msu F0AF2252FBE903D975ADE31DE204200EAD1E290D 09EDDB7FB5659C182457B7322A8B709879416165DC9ACE43ED0DE45E84590DB8
Windows6.0-KB4074603-x64.msu 56947E7C6D0D08B9D1AF5C3BB7E7FFD12BB9D2B8 7FEEAB270AA94F6FEB194FEE20B770D4B06F3A63CB7DE152363DB9B7D06C123C
Windows6.0-KB4074603-ia64.msu 8114EC156CB090E0678AC6E7B6D60C9FCDA6F9EB 3A052AFFC2AC6B7B10A8C493F62B3B2E435DE5DA3069AF0008AC882E34FEB46A

For all supported x86-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24281 2,083,328 11-Jan-2018 14:54 x86

For all supported x64-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24281 2,811,392 11-Jan-2018 15:07 x64

For all supported ia64-based versions

File name File version File size Date Time Platform
Win32k.sys 6.0.6002.24281 6,702,080 11-Jan-2018 15:02 IA-64

File Information for WES09 and POSReady

File hash information

File name SHA1 hash SHA256 hash
WindowsXP-KB4074603-x86-Embedded-ENU.exe 4EE294A0F000172F98D1CCFA36BCF5D2070D248B 0EB47D8BBFF570B8DDF92F3FEC0BAEB4ACCB1F279ACCE85B66F76D09C134F11A
WES09, and POSReady file information

For all supported x86-based versions

File name File version File size Date Time Platform
Win32k.sys 5.1.2600.7410 1,905,792 17-Jan-2018 01:23 x86
Updspapi.dll 6.3.13.0 382,840 16-May-2014 03:08 x86

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.9%