PT-2018-9069 · Microsoft+1 · Windows Server 2008 R2 Sp1+8
Mateusz Jurczyk
·
Published
2018-01-03
·
Updated
2019-10-03
·
CVE-2018-0788
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Windows 7 SP1
Windows 8.1
Windows RT 8.1
Windows Server 2008 SP2
Windows Server 2008 R2 SP1
Windows Server 2012
Windows Server 2012 R2
Description:
The issue is related to the way objects are handled in memory by the Windows Adobe Type Manager Font Driver (Atmfd.dll), allowing an elevation of privilege. This could enable attackers to obtain sensitive information and affect the system.
Recommendations:
For Windows 7 SP1, update to a newer version that addresses the issue.
For Windows 8.1, update to a newer version that addresses the issue.
For Windows RT 8.1, update to a newer version that addresses the issue.
For Windows Server 2008 SP2, update to a newer version that addresses the issue.
For Windows Server 2008 R2 SP1, update to a newer version that addresses the issue.
For Windows Server 2012, update to a newer version that addresses the issue.
For Windows Server 2012 R2, update to a newer version that addresses the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Type Manager Font Driver
Windows
Windows 7 Sp1
Windows 8.1
Windows Rt 8.1
Windows Server 2008 R2 Sp1
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2