English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.813342
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4103716)
Summary:This host is missing a critical security; update according to Microsoft KB4103716
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4103716

Vulnerability Insight:
Multiple flaws exist due to:

- Windows Common Log File System (CLFS) driver improperly handles objects in
memory.

- The Win32k component fails to properly handle objects in memory.

- The DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects
in memory.

- Windows kernel fails to properly handle objects in memory.

- Chakra improperly discloses the contents of its memory.

- Scripting engine improperly handles objects in memory in microsoft browsers.

- Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies.

- Chakra scripting engine improperly handles objects in memory in
Microsoft Edge.

- Windows Kernel API improperly enforces permissions.

- Microsoft Edge improperly handles requests of different origins.

- Windows Hyper-V on a host server fails to properly validate input from an
authenticated user on a guest operating system.

- Windows 'its://' protocol handler unnecessarily sends traffic to a remote site in
order to determine the zone of a provided URL.

- An error in Credential Security Support Provider protocol (CredSSP).

Vulnerability Impact:
Successful exploitation will allow an attacker
to run processes in an elevated context, run arbitrary code in kernel mode,
circumvent a User Mode Code Integrity (UMCI) policy on the machine, gain the
same user rights as the current user, discloses information to further
compromise the user's computer or data, interrupt system functionality and
cause denial of service condition.

Affected Software/OS:
- Microsoft Windows 10 for 32-bit Systems

- Microsoft Windows 10 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-0765
BugTraq ID: 104060
http://www.securityfocus.com/bid/104060
http://www.securitytracker.com/id/1040851
Common Vulnerability Exposure (CVE) ID: CVE-2018-0954
BugTraq ID: 103991
http://www.securityfocus.com/bid/103991
http://www.securitytracker.com/id/1040844
Common Vulnerability Exposure (CVE) ID: CVE-2018-0955
BugTraq ID: 103993
http://www.securityfocus.com/bid/103993
http://www.securitytracker.com/id/1040846
Common Vulnerability Exposure (CVE) ID: CVE-2018-0958
BugTraq ID: 104064
http://www.securityfocus.com/bid/104064
http://www.securitytracker.com/id/1040849
Common Vulnerability Exposure (CVE) ID: CVE-2018-0959
BugTraq ID: 104031
http://www.securityfocus.com/bid/104031
http://www.securitytracker.com/id/1040843
Common Vulnerability Exposure (CVE) ID: CVE-2018-1022
BugTraq ID: 103978
http://www.securityfocus.com/bid/103978
Common Vulnerability Exposure (CVE) ID: CVE-2018-1025
BugTraq ID: 103984
http://www.securityfocus.com/bid/103984
Common Vulnerability Exposure (CVE) ID: CVE-2018-1039
BugTraq ID: 104072
http://www.securityfocus.com/bid/104072
Common Vulnerability Exposure (CVE) ID: CVE-2018-8112
BugTraq ID: 103963
http://www.securityfocus.com/bid/103963
Common Vulnerability Exposure (CVE) ID: CVE-2018-8114
BugTraq ID: 103994
http://www.securityfocus.com/bid/103994
Common Vulnerability Exposure (CVE) ID: CVE-2018-8122
BugTraq ID: 103995
http://www.securityfocus.com/bid/103995
Common Vulnerability Exposure (CVE) ID: CVE-2018-8124
BugTraq ID: 104037
http://www.securityfocus.com/bid/104037
Common Vulnerability Exposure (CVE) ID: CVE-2018-8126
BugTraq ID: 103997
http://www.securityfocus.com/bid/103997
Common Vulnerability Exposure (CVE) ID: CVE-2018-8127
BugTraq ID: 104040
http://www.securityfocus.com/bid/104040
Common Vulnerability Exposure (CVE) ID: CVE-2018-8129
BugTraq ID: 104065
http://www.securityfocus.com/bid/104065
Common Vulnerability Exposure (CVE) ID: CVE-2018-8132
BugTraq ID: 104066
http://www.securityfocus.com/bid/104066
Common Vulnerability Exposure (CVE) ID: CVE-2018-8133
BugTraq ID: 103982
http://www.securityfocus.com/bid/103982
https://www.exploit-db.com/exploits/44817/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8134
BugTraq ID: 104041
http://www.securityfocus.com/bid/104041
https://www.exploit-db.com/exploits/44630/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8136
BugTraq ID: 104044
http://www.securityfocus.com/bid/104044
Common Vulnerability Exposure (CVE) ID: CVE-2018-8137
BugTraq ID: 103967
http://www.securityfocus.com/bid/103967
Common Vulnerability Exposure (CVE) ID: CVE-2018-8145
BugTraq ID: 103986
http://www.securityfocus.com/bid/103986
https://www.exploit-db.com/exploits/45011/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8164
BugTraq ID: 104033
http://www.securityfocus.com/bid/104033
Common Vulnerability Exposure (CVE) ID: CVE-2018-8165
BugTraq ID: 104038
http://www.securityfocus.com/bid/104038
Common Vulnerability Exposure (CVE) ID: CVE-2018-8166
BugTraq ID: 104062
http://www.securityfocus.com/bid/104062
Common Vulnerability Exposure (CVE) ID: CVE-2018-8167
BugTraq ID: 104063
http://www.securityfocus.com/bid/104063
Common Vulnerability Exposure (CVE) ID: CVE-2018-8174
BugTraq ID: 103998
http://www.securityfocus.com/bid/103998
https://www.exploit-db.com/exploits/44741/
https://blog.0patch.com/2018/05/a-single-instruction-micropatch-for.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-8178
BugTraq ID: 104076
http://www.securityfocus.com/bid/104076
Common Vulnerability Exposure (CVE) ID: CVE-2018-8179
BugTraq ID: 104077
http://www.securityfocus.com/bid/104077
Common Vulnerability Exposure (CVE) ID: CVE-2018-8897
BugTraq ID: 104071
http://www.securityfocus.com/bid/104071
CERT/CC vulnerability note: VU#631579
https://www.kb.cert.org/vuls/id/631579
Debian Security Information: DSA-4196 (Google Search)
https://www.debian.org/security/2018/dsa-4196
Debian Security Information: DSA-4201 (Google Search)
https://www.debian.org/security/2018/dsa-4201
https://www.exploit-db.com/exploits/44697/
https://www.exploit-db.com/exploits/45024/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9
http://openwall.com/lists/oss-security/2018/05/08/1
http://openwall.com/lists/oss-security/2018/05/08/4
https://bugzilla.redhat.com/show_bug.cgi?id=1567074
https://github.com/can1357/CVE-2018-8897/
https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9
https://patchwork.kernel.org/patch/10386677/
https://support.apple.com/HT208742
https://svnweb.freebsd.org/base?view=revision&revision=333368
https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc
https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html
https://xenbits.xen.org/xsa/advisory-260.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html
RedHat Security Advisories: RHSA-2018:1318
https://access.redhat.com/errata/RHSA-2018:1318
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
RedHat Security Advisories: RHSA-2018:1345
https://access.redhat.com/errata/RHSA-2018:1345
RedHat Security Advisories: RHSA-2018:1346
https://access.redhat.com/errata/RHSA-2018:1346
RedHat Security Advisories: RHSA-2018:1347
https://access.redhat.com/errata/RHSA-2018:1347
RedHat Security Advisories: RHSA-2018:1348
https://access.redhat.com/errata/RHSA-2018:1348
RedHat Security Advisories: RHSA-2018:1349
https://access.redhat.com/errata/RHSA-2018:1349
RedHat Security Advisories: RHSA-2018:1350
https://access.redhat.com/errata/RHSA-2018:1350
RedHat Security Advisories: RHSA-2018:1351
https://access.redhat.com/errata/RHSA-2018:1351
RedHat Security Advisories: RHSA-2018:1352
https://access.redhat.com/errata/RHSA-2018:1352
RedHat Security Advisories: RHSA-2018:1353
https://access.redhat.com/errata/RHSA-2018:1353
RedHat Security Advisories: RHSA-2018:1354
https://access.redhat.com/errata/RHSA-2018:1354
RedHat Security Advisories: RHSA-2018:1355
https://access.redhat.com/errata/RHSA-2018:1355
RedHat Security Advisories: RHSA-2018:1524
https://access.redhat.com/errata/RHSA-2018:1524
http://www.securitytracker.com/id/1040744
http://www.securitytracker.com/id/1040861
http://www.securitytracker.com/id/1040866
http://www.securitytracker.com/id/1040882
https://usn.ubuntu.com/3641-1/
https://usn.ubuntu.com/3641-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0824
BugTraq ID: 104030
http://www.securityfocus.com/bid/104030
https://www.exploit-db.com/exploits/44906/
http://www.securitytracker.com/id/1040848
Common Vulnerability Exposure (CVE) ID: CVE-2018-0854
BugTraq ID: 104029
http://www.securityfocus.com/bid/104029
Common Vulnerability Exposure (CVE) ID: CVE-2018-0943
BugTraq ID: 103980
http://www.securityfocus.com/bid/103980
Common Vulnerability Exposure (CVE) ID: CVE-2018-0953
BugTraq ID: 103990
http://www.securityfocus.com/bid/103990
https://www.exploit-db.com/exploits/44694/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0886
BugTraq ID: 103265
http://www.securityfocus.com/bid/103265
https://www.exploit-db.com/exploits/44453/
https://blog.preempt.com/security-advisory-credssp
https://github.com/preempt/credssp
https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03
http://www.securitytracker.com/id/1040506
Common Vulnerability Exposure (CVE) ID: CVE-2017-11927
BugTraq ID: 102095
http://www.securityfocus.com/bid/102095
http://www.securitytracker.com/id/1039997
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.