Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition

Overview The Microsoft Windows Kernel Transaction Manager KTM is vulnerable to a race condition because it fails to properly handle objects in memory, which can result in local privilege escalation. Description CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization 'Rac...

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity. One of the security vulnerabilities patched by the tech giant th...

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity. One of the security vulnerabilities patched by the tech giant th...

Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)

Executive summary In October 2018, our AEP Automatic Exploit Prevention systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis led us to uncover a zero-day vulnerability in ntoskrnl.exe. We reported it to Microsoft on October 29, 2018. T...

CVE-2018-8611

creationtimestamp| type| source ---|---|--- 2018-12-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=347 2018-12-12 05:50:02+00:00| seen| https://t.me/securixykz/317 2018-12-12 08:38:31+00:00| exploited| https://t.me/SecLabNews/3830 2018-12-12 09:37:10+00:00| seen|...

CVE-2018-8611

CVE-2018-8611 – Windows kernel elevation of privilege . The vulnerability arises because the Windows kernel fails to properly handle objects in memory, enabling a local attacker to run arbitrary code in kernel mode and perform actions such as installing programs, changing data, or creating accoun...

Microsoft Windows Multiple Vulnerabilities (KB4471329)

This host is missing a critical security update according to Microsoft KB4471329 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay

Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...

Microsoft Windows Kernel CVE-2018-8611 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...