PT-2018-1656 · Microsoft · Windows 10 Servers+6
Published
2018-09-11
·
Updated
2019-10-03
·
CVE-2018-8455
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Windows Server 2012 R2
Windows RT 8.1
Windows Server 2016
Windows 8.1
Windows 10
Windows 10 Servers
Description
The issue is related to how the Windows Kernel handles objects in memory. It allows attackers to affect the system by potentially executing arbitrary code with elevated privileges using a specially crafted application.
Recommendations
For Windows Server 2012 R2, update to a version that includes the fix for this issue.
For Windows RT 8.1, update to a version that includes the fix for this issue.
For Windows Server 2016, update to a version that includes the fix for this issue.
For Windows 8.1, update to a version that includes the fix for this issue.
For Windows 10, update to a version that includes the fix for this issue.
For Windows 10 Servers, update to a version that includes the fix for this issue.
Fix
LPE
Improper Privilege Management
Buffer Overflow
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Windows
Windows 10
Windows 10 Servers
Windows 8.1
Windows Rt 8.1
Windows Server 2012 R2
Windows Server 2016