Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08568)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08569)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08334)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08800)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08801)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08762)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...

Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2018-08802)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An elevated privilege vulnerability exists in Microsoft Windows kernel. A local attacker can exploit this vulnerability by running a...

April 10, 2018—KB4093111 (OS Build 10240.17831)

April 10, 2018—KB4093111 OS Build 10240.17831 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that generates an access violation on certain pages in Internet Explorer wh...

April 10, 2018—KB4093115 (Security-only update)

April 10, 2018—KB4093115 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Windows Update and WSUS will offer this update to applicable Windows client and serve...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on ...

KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory corrupti...

KB4093109: Windows 10 Version 1511 April 2018 Security Update

The remote Windows host is missing security update 4093109. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file...

Microsoft Windows kernel local elevation of privilege vulnerability (CNVD-2018-08190)

Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 are both operating systems released by Microsoft Corporation in the United States.Microsoft Windows 7 SP1 is an operating system for personal computers.Windows Server 2008 R2 SP1 is a server operating system. Windows Server 2008 R2 SP1 is a...

CVE-2018-1038

The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."...

KVA Shadow: Mitigating Meltdown on Windows

On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post...

Windows Kernel 64-bit stack memory disclosure in nt!KiDispatchException(CVE-2018-0897)

We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a EXCEPTIONRECORD structure to user-mode memory while passing execution to a user-mode exception handler. The vulnerability affects 64-bit versions of Windows 7 to 10. The leak was originally...

Windows Kernel 64-bit pool memory disclosure in win32k!UMPDOBJ::LockSurface(CVE-2018-0813)

We have discovered that the win32k!UMPDOBJ::LockSurface function discloses portions of uninitialized pool memory to user-mode clients. The bug was encountered on Windows 7 64-bit; other versions were not tested. The leak was detected in the context of the splwow64.exe process, under the following...

Windows Kernel 64-bit pool memory disclosure via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries)(CVE-2018-0898)

We have discovered a Windows kernel memory disclosure vulnerability through the body of "AllocConfig" registry values of type REGRESOURCELIST, which can be found under HKLM\SYSTEM\CurrentControlSet\Enum\\Control\AllocConfig. The vulnerability affects 64-bit versions of Windows 7 to 10. The leak...

Windows Kernel 64-bit pool memory disclosure via REG_RESOURCE_LIST registry values (videoprt.sys descriptors)(CVE-2018-0899)

We have discovered a Windows kernel memory disclosure vulnerability through the body of "AllocConfig" registry values of type REGRESOURCELIST corresponding to devices handled by videoprt.sys, which can be found under HKLM\SYSTEM\CurrentControlSet\Enum\\Control\AllocConfig. The vulnerability...

Microsoft Windows Kernel - nt!KiDispatchException 64-bit Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a EXCEPTIONRECORD structure to user-mode memory while passing execution to a user-mode exception handler. The vulnerability affects 64-bit...