Microsoft CVE-2018-0832: Windows Kernel Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
Solution(s)
- msft-kb4074588-11adea10-0701-430e-954f-9471595ae246
- msft-kb4074588-9fc64b01-2edc-40c8-bf0d-ee3540c741f8
- msft-kb4074588-aa46db4d-865e-48e7-9fe8-3ffedda76530
- msft-kb4074590-c7d8f24b-1f39-4a05-b66d-d0cda05ff280
- msft-kb4074590-e990e36e-fd8f-411d-a9c1-1198447a26ce
- msft-kb4074590-f5f58231-ac5d-4640-ab1b-9dc8d857c265
- msft-kb4074591-041d42cd-eb65-4d43-a835-f5d2f502cc2d
- msft-kb4074591-fa465771-aa6c-4594-9759-1bfb7eeab6b3
- msft-kb4074592-2a7e4366-e91e-4b45-8775-bfc7ab0a86b0
- msft-kb4074592-ffc8aa26-baed-4b03-84de-a404e624d747
- msft-kb4074596-79ac13e4-3a09-40b9-9c96-be5ae591b174
- msft-kb4074596-a5382994-9de3-4a69-ab0e-0ec90626f58a
- msft-kb4074597-e23ec185-3ead-4c5c-bd1e-a9058cc7c06b
- msft-kb4074597-ef515c36-d5d5-4d6d-8413-fdced1c51834
- msft-kb4074597-f5df629a-edb7-49f1-946d-18e4f0a860f0
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center