KLA11316 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
2. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely via specially crafted application to gain privileges.
3. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
4. An elevation of privilege vulnerability in Windows ALPC can be exploited remotely via specially crafted application to gain privileges.
5. A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
6. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
7. A remote code execution vulnerability in Microsoft JET Database Engine can be exploited remotely via specially crafted to execute arbitrary code.
8. An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
9. A denial of service vulnerability in Windows SMB can be exploited remotely via specially crafted requests to cause denial of service.
10. An information disclosure vulnerability in Windows SMB can be exploited remotely via specially crafted packet to obtain sensitive information.
11. An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to gain privileges.
12. A remote code execution vulnerability in Win32k Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
13. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
14. An information disclosure vulnerability in Windows can be exploited remotely via specially crafted application to obtain sensitive information.
15. A remote code execution vulnerability in Windows can be exploited remotely via specially crafted image to execute arbitrary code.
16. An information disclosure vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to obtain sensitive information.
17. A remote code execution vulnerability in MS XML can be exploited remotely via specially crafted website to execute arbitrary code.
18. A security feature bypass vulnerability in Device Guard can be exploited remotely to bypass security restrictions.
19. A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
20. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
21. An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
22. A security feature bypass vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to bypass security restrictions.

Original advisories

CVE-2018-8433

CVE-2018-8462

CVE-2018-8442

CVE-2018-8440

CVE-2018-8438

CVE-2018-8455

CVE-2018-8392

CVE-2018-8410

CVE-2018-8335

CVE-2018-8444

CVE-2018-8441

CVE-2018-8332

CVE-2018-0965

CVE-2018-8271

CVE-2018-8437

CVE-2018-8443

CVE-2018-8475

CVE-2018-8419

CVE-2018-8434

CVE-2018-8420

CVE-2018-8436

CVE-2018-8439

CVE-2018-8449

CVE-2018-8435

CVE-2018-8424

CVE-2018-8468

CVE-2018-8393

CVE-2018-8445

CVE-2018-8337

CVE-2018-8446

ADV180022

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2018-8433 warning

CVE-2018-8462 critical

CVE-2018-8442 high

CVE-2018-8440 critical

CVE-2018-8438 high

CVE-2018-8455 critical

CVE-2018-8392 critical

CVE-2018-8410 critical

CVE-2018-8335 critical

CVE-2018-8444 high

CVE-2018-8441 critical

CVE-2018-8332 critical

CVE-2018-0965 critical

CVE-2018-8271 high

CVE-2018-8437 high

CVE-2018-8443 high

CVE-2018-8475 critical

CVE-2018-8419 high

CVE-2018-8434 high

CVE-2018-8420 critical

CVE-2018-8436 high

CVE-2018-8439 critical

CVE-2018-8449 warning

CVE-2018-8435 warning

CVE-2018-8424 high

CVE-2018-8468 warning

CVE-2018-8393 critical

CVE-2018-8445 high

CVE-2018-8337 high

CVE-2018-8446 high

KB list

4457128

4457131

4457132

4457142

4457138

4457129

4457143

4457135

4457140

4598275

4598243

4598285

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows 10 Version 1709 for x64-based Systems