English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.814613
Category:Windows : Microsoft Bulletins
Title:Microsoft Windows Multiple Vulnerabilities (KB4471321)
Summary:This host is missing a critical security; update according to Microsoft KB4471321
Description:Summary:
This host is missing a critical security
update according to Microsoft KB4471321

Vulnerability Insight:
Multiple flaw exists due to,

- Windows kernel fails to properly handle objects in memory.

- Connected User Experiences and Telemetry Service fails to validate
certain function values.

- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.

- Internet Explorer VBScript execution policy does not properly restrict
VBScript under specific conditions.

- Windows GDI component improperly discloses the contents of its memory.

- Scripting engine handles objects in memory in Internet Explorer.

- VBScript engine improperly handles objects in memory.

- Microsoft text-to-speech fails to properly handle objects in the memory.

- Windows kernel-mode driver fails to properly handle objects in memory.

- Windows Domain Name System (DNS) servers fail to properly handle requests.

- Windows Win32k component fails to properly handle objects in memory.

- Internet Explorer improperly accesses objects in memory.

- Diagnostics Hub Standard Collector Service improperly impersonates
certain file operations.

- Remote Procedure Call runtime improperly initializes objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code in kernel mode, obtain sensitive information, deny
dependent security feature functionality, gain elevated privileges, cause a
denial of service and take control of the affected system.

Affected Software/OS:
Microsoft Windows 10 Version 1607 x32/x64

Microsoft Windows Server 2016

Solution:
Run Windows Update and update the
listed hotfixes or download and update mentioned hotfixes in the advisory
from the Reference link.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-8477
BugTraq ID: 106081
http://www.securityfocus.com/bid/106081
Common Vulnerability Exposure (CVE) ID: CVE-2018-8514
BugTraq ID: 106079
http://www.securityfocus.com/bid/106079
Common Vulnerability Exposure (CVE) ID: CVE-2018-8517
BugTraq ID: 106075
http://www.securityfocus.com/bid/106075
Common Vulnerability Exposure (CVE) ID: CVE-2018-8540
BugTraq ID: 106073
http://www.securityfocus.com/bid/106073
Common Vulnerability Exposure (CVE) ID: CVE-2018-8599
BugTraq ID: 106094
http://www.securityfocus.com/bid/106094
Common Vulnerability Exposure (CVE) ID: CVE-2018-8611
BugTraq ID: 106082
http://www.securityfocus.com/bid/106082
Common Vulnerability Exposure (CVE) ID: CVE-2018-8612
BugTraq ID: 106087
http://www.securityfocus.com/bid/106087
Common Vulnerability Exposure (CVE) ID: CVE-2018-8617
BugTraq ID: 106112
http://www.securityfocus.com/bid/106112
Common Vulnerability Exposure (CVE) ID: CVE-2018-8618
BugTraq ID: 106113
http://www.securityfocus.com/bid/106113
Common Vulnerability Exposure (CVE) ID: CVE-2018-8619
https://www.exploit-db.com/exploits/46023/
BugTraq ID: 106119
http://www.securityfocus.com/bid/106119
Common Vulnerability Exposure (CVE) ID: CVE-2018-8624
BugTraq ID: 106114
http://www.securityfocus.com/bid/106114
Common Vulnerability Exposure (CVE) ID: CVE-2018-8625
https://www.exploit-db.com/exploits/46022/
BugTraq ID: 106122
http://www.securityfocus.com/bid/106122
Common Vulnerability Exposure (CVE) ID: CVE-2018-8626
BugTraq ID: 106076
http://www.securityfocus.com/bid/106076
Common Vulnerability Exposure (CVE) ID: CVE-2018-8629
BugTraq ID: 106115
http://www.securityfocus.com/bid/106115
Common Vulnerability Exposure (CVE) ID: CVE-2018-8631
https://www.exploit-db.com/exploits/46001/
BugTraq ID: 106118
http://www.securityfocus.com/bid/106118
Common Vulnerability Exposure (CVE) ID: CVE-2018-8634
BugTraq ID: 106078
http://www.securityfocus.com/bid/106078
Common Vulnerability Exposure (CVE) ID: CVE-2018-8639
BugTraq ID: 106093
http://www.securityfocus.com/bid/106093
Common Vulnerability Exposure (CVE) ID: CVE-2018-8641
BugTraq ID: 106090
http://www.securityfocus.com/bid/106090
Common Vulnerability Exposure (CVE) ID: CVE-2018-8643
BugTraq ID: 106117
http://www.securityfocus.com/bid/106117
Common Vulnerability Exposure (CVE) ID: CVE-2018-8595
BugTraq ID: 106083
http://www.securityfocus.com/bid/106083
Common Vulnerability Exposure (CVE) ID: CVE-2018-8596
BugTraq ID: 106086
http://www.securityfocus.com/bid/106086
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.