Lucene search
Symantec Security ResponseSMNTC-104034HistoryMay 08, 2018 - 12:00 a.m.
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8120 Local Privilege Escalation Vulnerability
2018-05-0800:00:00
Symantec Security Response
www.symantec.com
435
0.974 High
EPSS
Percentile
99.9%
Description
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.
Technologies Affected
- Microsoft Windows 7 for 32-bit Systems SP1
- Microsoft Windows 7 for x64-based Systems SP1
- Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
- Microsoft Windows Server 2008 R2 for x64-based Systems SP1
- Microsoft Windows Server 2008 for 32-bit Systems SP2
- Microsoft Windows Server 2008 for Itanium-based Systems SP2
- Microsoft Windows Server 2008 for x64-based Systems SP2
Recommendations
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.
Updates are available. Please see the references or vendor advisory for more information.
Related
threatpost
threatpost
ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks
2019-05-13 16:46:09
Purple Fox EK Adds Microsoft Exploits to Arsenal
2020-07-06 15:21:30
May Patch Tuesday Fixes Two Bugs Under Active Attack
2018-05-08 20:42:20
packetstorm
packetstorm
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-19 00:00:00
securelist
securelist
ScarCruft continues to evolve, introduces Bluetooth harvester
2019-05-13 10:00:03
IT threat evolution Q2 2019
2019-08-19 10:00:29
A mining multitool
2018-07-26 10:00:25
metasploit
metasploit
Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-10 19:41:14
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-03-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2018-8120)
2018-05-08 00:00:00
canvas
canvas
Immunity Canvas: SETIMEINFOEX_LPE
2018-05-09 19:29:00
zdt
zdt
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
2018-10-22 00:00:00
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2018-05-08 07:00:00
exploitdb
exploitdb
trellix
trellix
Rapidly Evolving Ransomware Gandcrab Version
2018-10-10 00:00:00
Rapidly Evolving Ransomware Gandcrab Version
2018-10-10 00:00:00
myhack58
myhack58
seebug
seebug
thn
thn
Microsoft Patches Two Zero-Day Flaws Under Active Attack
2018-05-09 06:14:00
mssecure
mssecure
Taking apart a double zero-day sample discovered in joint hunt with ESET
2018-07-02 15:00:00
prion
prion
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
Privilege escalation
2018-05-09 19:29:00
attackerkb
attackerkb
CVE-2018-8164
2018-05-09 00:00:00
CVE-2018-8120
2018-05-09 00:00:00
malwarebytes
malwarebytes
Adobe Reader zero-day discovered alongside Windows vulnerability
2018-05-15 18:44:14
mskb
mskb
Description of the security update for the vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018
2018-05-08 07:00:00
May 8, 2018âKB4103712 (Security-only update)
2018-05-08 07:00:00
May 8, 2018âKB4103718 (Monthly Rollup)
2018-05-08 07:00:00
cve
cve
nessus
nessus
Security Updates for Windows Server 2008 (May 2018)
2018-05-09 00:00:00
KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update
2018-05-08 00:00:00
kaspersky
kaspersky
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
2018-05-08 00:00:00
cisa
cisa
CISA Adds 15 Known Exploited Vulnerability to Catalog
2022-03-15 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103718)
2018-05-09 00:00:00
trendmicroblog
trendmicroblog
talosblog
talosblog
Microsoft Patch Tuesday - May 2018
2018-05-08 12:02:00