7 matches found
Time Travel Debugging: finding Windows GDI flaws
Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could lead to remote code execution such as the MSXML one. In this post we will be analysing a case of a W...
CVE-2018-8472
CVE-2018-8472 is a Windows GDI information-disclosure vulnerability. The issue arises from how the Windows Graphics Device Interface handles objects in memory, enabling a local attacker to retrieve information from the target system. Affected software/hosts include multiple Windows platforms list...
Microsoft Windows Multiple Vulnerabilities (KB4462923)
This host is missing a critical security update according to Microsoft KB4462923 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4462922)
This host is missing a critical security update according to Microsoft KB4462922 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA11889 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...
Microsoft Windows GDI Component CVE-2018-8472 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
KB4462937: Windows 10 Version 1703 October 2018 Security Update
The remote Windows host is missing security update 4462937. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...