Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0868: Windows Installer Elevation of Privilege Vulnerability

Severity: 7
CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 03/13/2018
Created: 07/25/2018
Added: 03/13/2018
Modified: 11/18/2021

Description

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation.

Solution(s)

  • msft-kb4087398-1edff330-aa4b-46c9-b5b6-da0423f3e172
  • msft-kb4087398-6ab45774-afcc-4272-bec4-cd3d1db63f0a
  • msft-kb4087398-806ae972-d4b1-42e0-86a8-57f32c1271dd
  • msft-kb4087398-97fe034a-0523-4192-88b1-5209a1a53416
  • msft-kb4088776-2c72e703-9c4c-4146-9e32-cc4386b2cfb2
  • msft-kb4088776-3b3e0295-642a-4b7d-84b7-c6b5e83f5ca2
  • msft-kb4088776-786afab9-c31a-475e-8a16-67957d2e609d
  • msft-kb4088779-48dd1136-48ee-44c7-a573-868521eccff4
  • msft-kb4088779-c19a8868-ac70-44b1-9b6f-2d4dc02cf9ba
  • msft-kb4088782-4c26f4d6-719a-484d-b39e-e05f7b8f92b0
  • msft-kb4088782-f6e16c94-5afc-4df9-9970-2d4ca233b263
  • msft-kb4088786-beebacd8-b2b4-4dd0-94b4-9e3d6252b7f0
  • msft-kb4088786-d8280f8b-2c0a-4543-99a8-8e72f83c84dd
  • msft-kb4088787-5dc25e3e-31b9-4ac7-b1b7-a62a9821390d
  • msft-kb4088787-b28a900c-61a0-4362-8df4-e1ecc7caa389
  • msft-kb4088787-c4fe9ff8-acd4-405b-91b5-334daf81ae00
  • msft-kb4088878-3eccb222-8147-418c-b824-32e3963b52c1
  • msft-kb4088878-54e97a4a-39f4-4bb4-bec4-c20626c69b4f
  • msft-kb4088878-89e27e55-1e9f-401f-b425-a336c4de339b
  • msft-kb4088878-b6298521-2c71-4d80-a936-4488236eb2ab
  • msft-kb4088878-ce7acebc-806a-4eee-b8b5-49b0519d888a
  • msft-kb4088878-db255014-1ec8-426a-ab12-20e28bec0d24
  • msft-kb4088879-913c1d08-eb63-4b74-aeff-a476d1fbaa2c
  • msft-kb4088879-beb98ea4-03f7-4d8c-a14c-1283b674e7b5
  • msft-kb4088880-289ecc78-2b4d-450f-9497-0eb70a22c752
  • msft-kb4088880-4af681cd-8e85-46e0-810c-ef55910f3037
  • msft-kb4088880-885d494a-b0e4-442b-8540-30de0cf6feba
