Microsoft CVE-2018-0745: Windows Kernel Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
Solution(s)
- msft-kb4056891-64a4a722-8ee1-4315-8977-b970916497a7
- msft-kb4056891-74b9cfdd-c2b4-4094-a7ac-49dafeacb837
- msft-kb4056892-3ad66183-2a80-4552-892b-c80c34461704
- msft-kb4056892-f5928a6a-8aba-4be4-8a38-07688e23afc5
- msft-kb4056892-ff4a4508-e334-4006-bdde-c87f2a4f32eb
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center