English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.814611
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4471324)
Summary:This host is missing a critical security; update according to Microsoft KB4471324
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4471324

Vulnerability Insight:
Multiple flaw exists due to,

- Windows kernel fails to properly handle objects in memory.

- Connected User Experiences and Telemetry Service fails to validate
certain function values.

- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.

- Internet Explorer VBScript execution policy does not properly restrict
VBScript under specific conditions.

- VBScript engine improperly handles objects in memory.

- Windows Domain Name System (DNS) servers fail to properly handle requests.

- Scripting engine handles objects in memory in Internet Explorer.

- Windows kernel-mode driver fails to properly handle objects in memory.

- Windows GDI component improperly discloses the contents of its memory.

- Diagnostics Hub Standard Collector Service improperly impersonates certain
file operations.

- Remote Procedure Call runtime improperly initializes objects in memory.

- Windows Win32k component fails to properly handle objects in memory.

- An error in Windows kernel could allow an attacker to retrieve information
that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.

- Microsoft text-to-speech fails to properly handle objects in the memory.

- Internet Explorer improperly accesses objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code in kernel mode, deny dependent security feature functionality,
gain elevated privileges, obtain sensitive information and could cause a denial
of service.

Affected Software/OS:
Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for x64-based Systems

Solution:
Run Windows Update and update the
listed hotfixes or download and update mentioned hotfixes in the advisory
from the Reference link.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-8477
BugTraq ID: 106081
http://www.securityfocus.com/bid/106081
Common Vulnerability Exposure (CVE) ID: CVE-2018-8514
BugTraq ID: 106079
http://www.securityfocus.com/bid/106079
Common Vulnerability Exposure (CVE) ID: CVE-2018-8517
BugTraq ID: 106075
http://www.securityfocus.com/bid/106075
Common Vulnerability Exposure (CVE) ID: CVE-2018-8540
BugTraq ID: 106073
http://www.securityfocus.com/bid/106073
Common Vulnerability Exposure (CVE) ID: CVE-2018-8596
BugTraq ID: 106086
http://www.securityfocus.com/bid/106086
Common Vulnerability Exposure (CVE) ID: CVE-2018-8599
BugTraq ID: 106094
http://www.securityfocus.com/bid/106094
Common Vulnerability Exposure (CVE) ID: CVE-2018-8611
BugTraq ID: 106082
http://www.securityfocus.com/bid/106082
Common Vulnerability Exposure (CVE) ID: CVE-2018-8612
BugTraq ID: 106087
http://www.securityfocus.com/bid/106087
Common Vulnerability Exposure (CVE) ID: CVE-2018-8617
BugTraq ID: 106112
http://www.securityfocus.com/bid/106112
https://www.exploit-db.com/exploits/46202/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8618
BugTraq ID: 106113
http://www.securityfocus.com/bid/106113
Common Vulnerability Exposure (CVE) ID: CVE-2018-8619
BugTraq ID: 106119
http://www.securityfocus.com/bid/106119
https://www.exploit-db.com/exploits/46023/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8624
BugTraq ID: 106114
http://www.securityfocus.com/bid/106114
Common Vulnerability Exposure (CVE) ID: CVE-2018-8625
BugTraq ID: 106122
http://www.securityfocus.com/bid/106122
https://www.exploit-db.com/exploits/46022/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8626
BugTraq ID: 106076
http://www.securityfocus.com/bid/106076
Common Vulnerability Exposure (CVE) ID: CVE-2018-8629
BugTraq ID: 106115
http://www.securityfocus.com/bid/106115
Common Vulnerability Exposure (CVE) ID: CVE-2018-8631
BugTraq ID: 106118
http://www.securityfocus.com/bid/106118
https://www.exploit-db.com/exploits/46001/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8634
BugTraq ID: 106078
http://www.securityfocus.com/bid/106078
Common Vulnerability Exposure (CVE) ID: CVE-2018-8637
BugTraq ID: 106095
http://www.securityfocus.com/bid/106095
Common Vulnerability Exposure (CVE) ID: CVE-2018-8639
BugTraq ID: 106093
http://www.securityfocus.com/bid/106093
Common Vulnerability Exposure (CVE) ID: CVE-2018-8641
BugTraq ID: 106090
http://www.securityfocus.com/bid/106090
Common Vulnerability Exposure (CVE) ID: CVE-2018-8643
BugTraq ID: 106117
http://www.securityfocus.com/bid/106117
Common Vulnerability Exposure (CVE) ID: CVE-2018-8583
BugTraq ID: 106111
http://www.securityfocus.com/bid/106111
Common Vulnerability Exposure (CVE) ID: CVE-2018-8595
BugTraq ID: 106083
http://www.securityfocus.com/bid/106083
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 72306 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.