Windows Kernel CVE-2018-8897 Elevation of Privilege

Authors:Andy Lutomirski         Risk:Critical

CVE:CVE-2018-8897              0day:Elevation of Privilege  

0day -id:0DAY-176161            Date:2018-05-11

Description

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

Exploitability Assessment

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Publicly Disclosed Exploited Latest Software Release Older Software Release Denial of Service
No No 3 – Exploitation Unlikely 3 – Exploitation Unlikely Temporary

Affected Products

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see the Microsoft Support Lifecycle.

Product
Platform
Article
Download
Impact
Severity
Supersedence
Windows 10 for 32-bit Systems 4103716 Security Update Elevation of Privilege Important 4093111
Windows 10 for x64-based Systems 4103716 Security Update Elevation of Privilege Important 4093111
Windows 10 Version 1607 for 32-bit Systems 4103723 Security Update Elevation of Privilege Important 4093119
Windows 10 Version 1607 for x64-based Systems 4103723 Security Update Elevation of Privilege Important 4093119
Windows 10 Version 1703 for 32-bit Systems 4103731 Security Update Elevation of Privilege Important 4093107
Windows 10 Version 1703 for x64-based Systems 4103731 Security Update Elevation of Privilege Important 4093107
Windows 10 Version 1709 for 32-bit Systems 4103727 Security Update Elevation of Privilege Important 4093112
Windows 10 Version 1709 for 64-based Systems 4103727 Security Update Elevation of Privilege Important 4093112
Windows 10 Version 1803 for 32-bit Systems 4103721 Security Update Elevation of Privilege Important
Windows 10 Version 1803 for x64-based Systems 4103721 Security Update Elevation of Privilege Important
Windows 7 for 32-bit Systems Service Pack 1 4103718 Monthly Rollup Elevation of Privilege Important 4093118
4103712 Security Only
Windows 7 for x64-based Systems Service Pack 1 4103718 Monthly Rollup Elevation of Privilege Important 4093118
4103712 Security Only
Windows 8.1 for 32-bit systems 4103725 Monthly Rollup Elevation of Privilege Important 4093114
4103715 Security Only
Windows 8.1 for x64-based systems 4103725 Monthly Rollup Elevation of Privilege Important 4093114
4103715 Security Only
Windows RT 8.1 4103725 Monthly Rollup  Elevation of Privilege Important 4093114
Windows Server 2008 for 32-bit Systems Service Pack 2 4134651 Security Update Elevation of Privilege Important 4018556
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4134651 Security Update Elevation of Privilege Important 4018556
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4134651 Security Update Elevation of Privilege Important 4018556
Windows Server 2008 for x64-based Systems Service Pack 2 4134651 Security Update Elevation of Privilege Important 4018556
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4134651 Security Update Elevation of Privilege Important 4018556
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4103718 Monthly Rollup Elevation of Privilege Important 4093118
4103712 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4103718 Monthly Rollup Elevation of Privilege Important 4093118
4103712 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4103718 Monthly Rollup Elevation of Privilege Important 4093118
4103712 Security Only
Windows Server 2012 4103730 Monthly Rollup Elevation of Privilege Important 4093123
4103726 Security Only
Windows Server 2012 (Server Core installation) 4103730 Monthly Rollup Elevation of Privilege Important 4093123
4103726 Security Only
Windows Server 2012 R2 4103725 Monthly Rollup Elevation of Privilege Important 4093114
4103715 Security Only
Windows Server 2012 R2 (Server Core installation) 4103725 Monthly Rollup Elevation of Privilege Important 4093114
4103715 Security Only
Windows Server 2016 4103723 Security Update Elevation of Privilege Important 4093119
Windows Server 2016 (Server Core installation) 4103723 Security Update Elevation of Privilege Important 4093119
Windows Server, version 1709 (Server Core Installation) 4103727 Security Update Elevation of Privilege Important 4093112
Windows Server, version 1803 (Server Core Installation) 4103721 Security Update Elevation of Privilege Important

Mitigations

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

Leave a Reply