Microsoft Wireless Keyboard CVE-2018-8117 Local Security Bypass Vulnerability

Description

Microsoft Wireless Keyboard is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

Technologies Affected

• Microsoft Wireless Keyboard 850

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Grant local interactive access to affected computers for trusted and accountable users only.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure database servers and other applications to run as a nonadministrative user with minimal access rights.

Updates are available. Please see the references or vendor advisory for more information.