Lucene search

K
symantecSymantec Security ResponseSMNTC-103711
HistoryApr 10, 2018 - 12:00 a.m.

Microsoft Wireless Keyboard CVE-2018-8117 Local Security Bypass Vulnerability

2018-04-1000:00:00
Symantec Security Response
www.symantec.com
24
microsoft wireless keyboard
local security bypass
vulnerability
restricted environments
nonprivileged user
trusted individuals
updates
software

EPSS

0.001

Percentile

25.7%

Description

Microsoft Wireless Keyboard is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

Technologies Affected

  • Microsoft Wireless Keyboard 850

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Grant local interactive access to affected computers for trusted and accountable users only.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure database servers and other applications to run as a nonadministrative user with minimal access rights.

Updates are available. Please see the references or vendor advisory for more information.

EPSS

0.001

Percentile

25.7%