Multiple vulnerabilities in Windows kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2018-0975 CVE-2018-0974 CVE-2018-0973 CVE-2018-0972 CVE-2018-0971 CVE-2018-0970 CVE-2018-0969 CVE-2018-0968 CVE-2018-0960 CVE-2018-0887 CVE-2018-0963 |
| CWE-ID | CWE-200 CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU11717
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0975
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0975
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU11718
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0974
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU11719
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0973
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0973
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU11721
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0972
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0972
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU11723
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0971
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0971
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU11724
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0970
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0970
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU11725
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0969
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0969
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Information disclosure
EUVDB-ID: #VU11727
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0968
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application, bypass Kernel Address Space Layout Randomization and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 R2 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0968
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU11729
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0960
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0960
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Information disclosure
EUVDB-ID: #VU11730
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0887
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to improper initialization of memory by the Windows kernel. A local attacker can run a specially crafted application and retrieve the memory address of a kernel object.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 - 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0887
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Privilege escalation
EUVDB-ID: #VU11732
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0963
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges.
The vulnerability exists due to improper handling of memory addresses by the Windows kernel. A local attacker can run a specially crafted application and execute arbitrary code with system privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10
Windows Server: 2016
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0963
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
