Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4103726
HistoryMay 08, 2018 - 7:00 a.m.

May 8, 2018—KB4103726 (Security-only update)

2018-05-0807:00:00
Microsoft
support.microsoft.com
119

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

May 8, 2018—KB4103726 (Security-only update)

Improvements and fixes

This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses an issue that may cause an error when connecting to a Remote Desktop server. For more information, see CredSSP updates for CVE-2018-0886.
  • Security updates to Windows app platform and frameworks, Windows apps, Windows kernel, Microsoft Graphics Component, HTML help, and Windows storage and filesystems.
    For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Microsoft is not currently aware of any issues with this update.

How to get this update

This update is now available for installation through WSUS. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4103726.

Related

mskb 20
nessus 26
kaspersky 2
openvas 10
prion 15
attackerkb 3
cve 15
mscve 12
checkpoint_advisories 7
symantec 12
zdi 5
qualysblog 3
krebs 1
fireeye 2
malwarebytes 6
zdt 5
securelist 3
packetstorm 2
myhack58 2
metasploit 2
hackread 1
cisa_kev 1
thn 2
exploitpack 3
veracode 1
ubuntucve 2
cert 1
oraclelinux 3
cisa 1
redhatcve 3
xen 1
photon 1
debiancve 1
huawei 2
threatpost 3
redhat 5
freebsd 1
osv 2
f5 1
freebsd_advisory 1
exploitdb 3
googleprojectzero 1
talosblog 1
srcincite 2
canvas 1
ics 1
githubexploit 1
mskb
mskb
May 8, 2018—KB4103712 (Security-only update)
2018-05-08 07:00:00
May 8, 2018—KB4103715 (Security-only update)
2018-05-08 07:00:00
May 8, 2018—KB4103730 (Monthly Rollup)
2018-05-08 07:00:00
nessus
nessus
Security Updates for Windows Server 2008 (May 2018)
2018-05-09 00:00:00
KB4103726: Windows Server 2012 May 2018 Security Update
2018-05-08 00:00:00
KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update
2018-05-08 00:00:00
kaspersky
kaspersky
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
2018-05-08 00:00:00
KLA11241 Multiple vulnerabilities in Microsoft Windows
2018-05-08 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103725)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103718)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103723)
2018-05-09 00:00:00
prion
prion
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
attackerkb
attackerkb
CVE-2018-8164
2018-05-09 00:00:00
CVE-2018-8120
2018-05-09 00:00:00
CVE-2018-8174
2018-05-09 00:00:00
cve
cve
CVE-2018-8124
2018-05-09 19:29:00
CVE-2018-8164
2018-05-09 19:29:00
CVE-2018-8120
2018-05-09 19:29:00
mscve
mscve
Microsoft Windows Information Disclosure Vulnerability
2017-12-12 08:00:00
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2018-05-08 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2018-8167)
2018-05-08 00:00:00
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
2018-05-08 00:00:00
Microsoft Windows ITS Protocol Information Disclosure (CVE-2017-11927)
2018-01-03 00:00:00
symantec
symantec
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8164 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8124 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
Microsoft Windows CVE-2017-11927 Information Disclosure Vulnerability
2017-12-12 00:00:00
zdi
zdi
(Pwn2Own) Microsoft Windows D3DKMTCreateDCFromMemory Memory Corruption Privilege Escalation Vulnerability
2018-06-08 00:00:00
Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability
2018-05-14 00:00:00
Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability
2018-06-05 00:00:00
qualysblog
qualysblog
May 2018 Patch Tuesday – Medium Weight, However One Active Exploit Needs Attention
2018-05-08 18:20:24
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
2018-05-14 18:47:42
March Patch Tuesday – 75 Microsoft vulnerabilities, 7 for Adobe
2018-03-13 18:39:45
krebs
krebs
Microsoft Patch Tuesday, May 2018 Edition
2018-05-08 20:38:16
fireeye
fireeye
Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware
2018-09-06 11:00:00
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
2020-05-07 00:00:00
malwarebytes
malwarebytes
Maze: the ransomware that introduced an extra twist
2020-05-29 15:00:00
Exploit kits: summer 2018 review
2018-08-07 15:00:00
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
2018-09-26 17:13:26
zdt
zdt
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-19 00:00:00
Microsoft Internet Explorer 11 #InternetExplorer #IE (#Windows7 x64/x86) - vbscript Code Execution E
2018-05-24 00:00:00
Microsoft Credential Security Support Provider - Remote Code Execution Vulnerability
2018-04-14 00:00:00
securelist
securelist
CactusPete APT group’s updated Bisonal backdoor
2020-08-13 10:00:09
Delving deep into VBScript
2018-07-03 13:00:13
IT threat evolution Q2 2018
2018-08-06 10:00:53
packetstorm
packetstorm
Microsoft Internet Explorer 11 Vbscript Code Execution
2018-05-24 00:00:00
Microsoft Windows POP/MOV SS Local Privilege Elevation
2018-07-13 00:00:00
myhack58
myhack58
The Windows VBScript Engine RCE vulnerability of CVE-2018-8174 analysis and use-vulnerability and early warning-the black bar safety net
2018-11-08 00:00:00
To see the Hidden Bee how to use a new vulnerability propagation-vulnerability warning-the black bar safety net
2018-08-07 00:00:00
metasploit
metasploit
Windows unmarshal post exploitation
2018-10-19 23:15:44
Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability
2018-07-13 06:11:37
hackread
hackread
New backdoor malware hits Slack and Github platforms
2019-03-08 15:56:09
cisa_kev
cisa_kev
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
2022-02-15 00:00:00
thn
thn
CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows
2018-03-13 18:06:00
Microsoft Patches Two Zero-Day Flaws Under Active Attack
2018-05-09 06:14:00
exploitpack
exploitpack
Microsoft Credential Security Support Provider - Remote Code Execution
2018-04-13 00:00:00
Microsoft Windows - POPMOV SS Privilege Escalation
2018-05-22 00:00:00
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
veracode
veracode
Local Privilege Escalation
2019-01-15 09:21:51
ubuntucve
ubuntucve
CVE-2018-8897
2018-05-08 00:00:00
CVE-2018-10872
2018-07-10 00:00:00
cert
cert
Hardware debug exception documentation may result in unexpected behavior
2018-05-08 00:00:00
oraclelinux
oraclelinux
kernel security update
2018-09-18 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
cisa
cisa
Debug Exception May Cause Unexpected Behavior
2018-05-08 00:00:00
redhatcve
redhatcve
CVE-2018-8897
2020-04-07 11:35:31
CVE-2018-10872
2018-07-10 15:19:17
CVE-2018-1087
2020-04-08 20:05:13
xen
xen
x86: mishandling of debug exceptions
2018-05-08 16:45:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A
2018-05-03 00:00:00
debiancve
debiancve
CVE-2018-8897
2018-05-08 18:29:00
huawei
huawei
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
threatpost
threatpost
Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked
2018-05-10 15:37:07
May Patch Tuesday Fixes Two Bugs Under Active Attack
2018-05-08 20:42:20
Darkhotel Exploits Microsoft Zero-Day VBScript Flaw
2018-08-20 16:39:26
redhat
redhat
(RHSA-2018:1353) Moderate: kernel security update
2018-05-08 21:59:19
(RHSA-2018:1352) Moderate: kernel security update
2018-05-08 21:59:05
(RHSA-2018:1354) Important: kernel-rt security update
2018-05-08 22:00:10
freebsd
freebsd
FreeBSD -- Mishandling of x86 debug exceptions
2018-05-08 00:00:00
osv
osv
CVE-2018-8897
2018-05-08 18:29:00
linux - security update
2018-05-08 00:00:00
f5
f5
K17403481 : Linux kernel vulnerability CVE-2018-8897
2018-05-15 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:06.debugreg
2018-05-08 00:00:00
exploitdb
exploitdb
Microsoft Credential Security Support Provider - Remote Code Execution
2018-04-13 00:00:00
Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
2018-07-13 00:00:00
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
2018-05-22 00:00:00
googleprojectzero
googleprojectzero
On VBScript
2018-12-19 00:00:00
talosblog
talosblog
Welcome Spelevo: New exploit kit full of old tricks
2019-06-27 13:27:21
srcincite
srcincite
SRC-2019-0009 : Foxit Reader SDK ActiveX Launch Action New Window Command Injection Remote Code Execution Vulnerability
2018-11-20 00:00:00
SRC-2019-0010 : Foxit Reader SDK ActiveX URI Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability
2018-11-20 00:00:00
canvas
canvas
Immunity Canvas: UNMARSHAL_TO_SYSTEM
2018-09-07 14:29:00
ics
ics
PEPPERL+FUCHS VisuNet RM, VisuNet PC, and Box Thin Client
2018-07-17 12:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2019-05-23 10:28:40

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for KB4103726
mskb20nessus26kaspersky2openvas10prion15attackerkb3cve15mscve12checkpoint_advisories7symantec12zdi5qualysblog3krebs1fireeye2malwarebytes6zdt5securelist3packetstorm2myhack582metasploit2hackread1cisa_kev1thn2exploitpack3veracode1ubuntucve2cert1oraclelinux3cisa1redhatcve3xen1photon1debiancve1huawei2threatpost3redhat5freebsd1osv2f51freebsd_advisory1exploitdb3googleprojectzero1talosblog1srcincite2canvas1ics1githubexploit1