English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.813526
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4284819)
Summary:This host is missing a critical security; update according to Microsoft KB4284819
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4284819

Vulnerability Insight:
Multiple flaws exist due to errors,

- When the Windows kernel improperly handles objects in memory.

- When Windows improperly handles objects in memory.

- When the (Human Interface Device) HID Parser Library driver improperly handles
objects in memory.

- In Device Guard that could allow an attacker to inject malicious code into a
Windows PowerShell session.

- In Windows when Desktop Bridge does not properly manage the virtual registry.

- When Windows allows a normal user to access the Wireless LAN profile of an
administrative user.

- When Cortana retrieves data from user input services without consideration for
status.

- When the Windows kernel improperly initializes objects in memory.

- In the way that the Windows Code Integrity Module performs hashing.

- When Microsoft Edge improperly handles requests of different origins.

- In the way that the Windows Kernel API enforces permissions.

- When Microsoft Edge improperly handles objects in memory.

- When Microsoft Edge improperly accesses objects in memory.

- When Windows Media Foundation improperly handles objects in memory.

- When HTTP Protocol Stack (Http.

- When the Windows GDI component improperly discloses the contents of its
memory.

- When Windows Hyper-V instruction emulation fails to properly enforce privilege
levels.

- When Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory.

- When Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- In Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW).

- When Internet Explorer improperly accesses objects in memory.

- When NTFS improperly checks access.

- When Edge improperly marks files.

- In the way that the Chakra scripting engine handles objects in memory in
Microsoft Edge.

- In the way that the scripting engine handles objects in memory in Internet
Explorer.

- In Windows Domain Name System (DNS) DNSAPI.

Vulnerability Impact:
Successful exploitation will allow an attacker
to obtain information to further compromise the user's system, run processes in
an elevated context, inject code into a trusted PowerShell process, execute
arbitrary code, read privileged data, force the browser to send restricted data,
interject cross-process communication, install programs, view, change, or delete
data or create new accounts with full user rights and create a denial of service
condition.

Affected Software/OS:
Microsoft Windows 10 Version 1709 for x32/x64-bit Systems.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-0871
BugTraq ID: 104339
http://www.securityfocus.com/bid/104339
http://www.securitytracker.com/id/1041097
Common Vulnerability Exposure (CVE) ID: CVE-2018-0978
BugTraq ID: 104364
http://www.securityfocus.com/bid/104364
http://www.securitytracker.com/id/1041099
Common Vulnerability Exposure (CVE) ID: CVE-2018-0982
BugTraq ID: 104382
http://www.securityfocus.com/bid/104382
https://www.exploit-db.com/exploits/44888/
http://www.securitytracker.com/id/1041093
Common Vulnerability Exposure (CVE) ID: CVE-2018-1036
BugTraq ID: 104360
http://www.securityfocus.com/bid/104360
http://www.securitytracker.com/id/1041111
Common Vulnerability Exposure (CVE) ID: CVE-2018-1040
BugTraq ID: 104389
http://www.securityfocus.com/bid/104389
http://www.securitytracker.com/id/1041112
Common Vulnerability Exposure (CVE) ID: CVE-2018-8111
BugTraq ID: 104335
http://www.securityfocus.com/bid/104335
Common Vulnerability Exposure (CVE) ID: CVE-2018-8113
BugTraq ID: 104365
http://www.securityfocus.com/bid/104365
Common Vulnerability Exposure (CVE) ID: CVE-2018-8121
BugTraq ID: 104380
http://www.securityfocus.com/bid/104380
http://www.securitytracker.com/id/1041113
Common Vulnerability Exposure (CVE) ID: CVE-2018-8140
BugTraq ID: 104354
http://www.securityfocus.com/bid/104354
http://www.securitytracker.com/id/1041108
Common Vulnerability Exposure (CVE) ID: CVE-2018-8169
BugTraq ID: 104356
http://www.securityfocus.com/bid/104356
Common Vulnerability Exposure (CVE) ID: CVE-2018-8175
BugTraq ID: 104359
http://www.securityfocus.com/bid/104359
http://www.securitytracker.com/id/1041100
Common Vulnerability Exposure (CVE) ID: CVE-2018-8201
BugTraq ID: 104331
http://www.securityfocus.com/bid/104331
http://www.securitytracker.com/id/1041098
Common Vulnerability Exposure (CVE) ID: CVE-2018-8205
BugTraq ID: 104391
http://www.securityfocus.com/bid/104391
http://www.securitytracker.com/id/1041114
Common Vulnerability Exposure (CVE) ID: CVE-2018-8207
BugTraq ID: 104379
http://www.securityfocus.com/bid/104379
Common Vulnerability Exposure (CVE) ID: CVE-2018-8208
BugTraq ID: 104392
http://www.securityfocus.com/bid/104392
https://www.exploit-db.com/exploits/44914/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8209
BugTraq ID: 104393
http://www.securityfocus.com/bid/104393
http://www.securitytracker.com/id/1041101
Common Vulnerability Exposure (CVE) ID: CVE-2018-8210
BugTraq ID: 104407
http://www.securityfocus.com/bid/104407
Common Vulnerability Exposure (CVE) ID: CVE-2018-8211
BugTraq ID: 104326
http://www.securityfocus.com/bid/104326
Common Vulnerability Exposure (CVE) ID: CVE-2018-8212
BugTraq ID: 104328
http://www.securityfocus.com/bid/104328
Common Vulnerability Exposure (CVE) ID: CVE-2018-8213
BugTraq ID: 104406
http://www.securityfocus.com/bid/104406
Common Vulnerability Exposure (CVE) ID: CVE-2018-8214
BugTraq ID: 104394
http://www.securityfocus.com/bid/104394
https://www.exploit-db.com/exploits/44915/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8215
BugTraq ID: 104333
http://www.securityfocus.com/bid/104333
Common Vulnerability Exposure (CVE) ID: CVE-2018-8218
BugTraq ID: 104402
http://www.securityfocus.com/bid/104402
http://www.securitytracker.com/id/1041110
Common Vulnerability Exposure (CVE) ID: CVE-2018-8219
BugTraq ID: 104353
http://www.securityfocus.com/bid/104353
http://www.securitytracker.com/id/1041096
Common Vulnerability Exposure (CVE) ID: CVE-2018-8221
BugTraq ID: 104338
http://www.securityfocus.com/bid/104338
Common Vulnerability Exposure (CVE) ID: CVE-2018-8225
BugTraq ID: 104395
http://www.securityfocus.com/bid/104395
http://www.securitytracker.com/id/1041095
Common Vulnerability Exposure (CVE) ID: CVE-2018-8226
BugTraq ID: 104361
http://www.securityfocus.com/bid/104361
http://www.securitytracker.com/id/1041094
Common Vulnerability Exposure (CVE) ID: CVE-2018-8227
BugTraq ID: 104368
http://www.securityfocus.com/bid/104368
Common Vulnerability Exposure (CVE) ID: CVE-2018-8229
BugTraq ID: 104369
http://www.securityfocus.com/bid/104369
https://www.exploit-db.com/exploits/45013/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8231
BugTraq ID: 104373
http://www.securityfocus.com/bid/104373
Common Vulnerability Exposure (CVE) ID: CVE-2018-8234
BugTraq ID: 104340
http://www.securityfocus.com/bid/104340
Common Vulnerability Exposure (CVE) ID: CVE-2018-8235
BugTraq ID: 104343
http://www.securityfocus.com/bid/104343
Common Vulnerability Exposure (CVE) ID: CVE-2018-8236
BugTraq ID: 104336
http://www.securityfocus.com/bid/104336
Common Vulnerability Exposure (CVE) ID: CVE-2018-8239
BugTraq ID: 104401
http://www.securityfocus.com/bid/104401
http://www.securitytracker.com/id/1041102
Common Vulnerability Exposure (CVE) ID: CVE-2018-8251
BugTraq ID: 104398
http://www.securityfocus.com/bid/104398
http://www.securitytracker.com/id/1041103
Common Vulnerability Exposure (CVE) ID: CVE-2018-8267
BugTraq ID: 104404
http://www.securityfocus.com/bid/104404
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.