Kaspersky LabKLA11778KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
0.95 High
EPSS
Percentile
99.3%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to obtain sensitive information.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
- A remote code execution vulnerability in CredSSP can be exploited remotely via specially crafted application to execute arbitrary code.
- An elevation of privilege vulnerability in Microsoft Video Control can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows Shell can be exploited remotely via specially crafted file to execute arbitrary code.
- An information disclosure vulnerability in Internet Explorer can be exploited remotely via specially crafted content to obtain sensitive information.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
- An information disclosure vulnerability in Windows Remote Assistance can be exploited remotely via specially crafted to obtain sensitive information.
- An elevation of privilege vulnerability in Windows GDI can be exploited remotely via specially crafted application to gain privileges.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
CVE-2018-0811 warning
CVE-2018-0813 warning
CVE-2018-0814 warning
CVE-2018-0815 high
CVE-2018-0816 high
CVE-2018-0817 high
CVE-2018-0868 high
CVE-2018-0878 warning
CVE-2018-0881 high
CVE-2018-0883 critical
CVE-2018-0885 high
CVE-2018-0886 critical
CVE-2018-0888 warning
CVE-2018-0894 warning
CVE-2018-0895 warning
CVE-2018-0896 warning
CVE-2018-0897 warning
CVE-2018-0898 warning
CVE-2018-0899 warning
CVE-2018-0900 warning
CVE-2018-0901 warning
CVE-2018-0904 warning
CVE-2018-0889 critical
CVE-2018-0891 warning
CVE-2018-0929 warning
CVE-2018-0935 critical
KB list
Solution
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
- PE
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Affected Products
- Windows 10 Version 1803 for x64-based SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows 10 Version 1709 for x64-based SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server 2012 R2Windows 10 Version 1703 for 32-bit SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1909 for 32-bit SystemsWindows Server 2016 (Server Core installation)Windows Server, version 1709 (Server Core Installation)Windows Server 2019Internet Explorer 9Windows 10 Version 1511 for 32-bit SystemsWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 for 32-bit Systems Service Pack 2Windows 10 Version 1903 for x64-based SystemsWindows 8.1 for 32-bit systemsWindows 10 Version 1809 for ARM64-based SystemsWindows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server, version 1903 (Server Core installation)Windows 10 Version 1703 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 8.1 for x64-based systemsWindows Server 2008 for x64-based Systems Service Pack 2Windows Server, version 1909 (Server Core installation)Windows 10 Version 1909 for x64-based SystemsWindows 10 for x64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows 10 Version 1809 for x64-based SystemsWindows Server 2012Windows 10 Version 1903 for ARM64-based SystemsChakraCoreWindows RT 8.1Microsoft Edge (EdgeHTML-based)Internet Explorer 10Windows Server 2016Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1511 for x64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 7 for x64-based Systems Service Pack 1Internet Explorer 11Windows Server 2012 R2 (Server Core installation)Windows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1809 for 32-bit Systems
References
support.microsoft.com/kb/4056564
support.microsoft.com/kb/4073011
support.microsoft.com/kb/4087398
support.microsoft.com/kb/4088827
support.microsoft.com/kb/4088875
support.microsoft.com/kb/4088878
support.microsoft.com/kb/4089175
support.microsoft.com/kb/4089187
support.microsoft.com/kb/4089229
support.microsoft.com/kb/4089344
support.microsoft.com/kb/4089453
support.microsoft.com/kb/4103712
support.microsoft.com/kb/4103718
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0811
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0813
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0814
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0815
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0816
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0817
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0868
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0878
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0881
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0883
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0885
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0886
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0888
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0889
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0891
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0894
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0895
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0896
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0897
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0898
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0899
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0900
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0901
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0904
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0929
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0935
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/ChakraCore/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
Related
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
0.95 High
EPSS
Percentile
99.3%