Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8136: Windows Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2018-8136: Windows Remote Code Execution Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

05/08/2018

Created

07/25/2018

Added

05/08/2018

Modified

11/18/2021

Description

A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted document, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows handles objects in memory.

Solution(s)

msft-kb4103712-37b5b334-c8cc-4a13-b84c-48e1bea48d6b
msft-kb4103712-83a7090f-3e70-4edb-b2af-18ee3c8c8539
msft-kb4103712-902c7573-12fb-4135-a2df-88d13af1d33c
msft-kb4103712-c53c08ca-efac-49ab-a665-5b470f700c80
msft-kb4103712-ddb1b118-50db-4654-b4d4-04cce64723ed
msft-kb4103712-deb51cc8-5372-4925-a191-c02b160864d5
msft-kb4103715-196f3a64-83fb-4123-a71b-3e7aa0534b4a
msft-kb4103715-53738d8d-be74-4aef-ae8c-8fe6be9cd854
msft-kb4103715-a0a512c2-5000-486b-bfea-655ac981bef3
msft-kb4103716-34e04a3c-fab2-4a5e-b231-a37aac882e0f
msft-kb4103716-8759c2a2-230b-4089-9c04-586cf2746a71
msft-kb4103721-eb863932-a151-446c-8884-ab5add176f94
msft-kb4103721-f7846ea0-3bd9-48a2-b230-0be2ad24b4ea
msft-kb4103721-fdd62b2a-0e40-4c06-b153-7d2f5e45f613
msft-kb4103723-54f93c06-1d96-40f5-bdc8-f9924dbcd522
msft-kb4103723-99a0b90d-2519-4700-be0c-e6c7b5bd04ec
msft-kb4103723-a74a9c4e-0823-4afc-8b58-cf1785a2e2b4
msft-kb4103726-a7aeeaa3-5971-4250-852a-cce0d132b757
msft-kb4103726-e236ef6f-7ae3-4e19-879e-9130446af0ca
msft-kb4103726-fb17b3dd-c200-4335-aae4-a4fadb929428
msft-kb4103727-0dae0270-e483-4c81-9914-263ec487c6c1
msft-kb4103727-6108aff5-77b2-4684-b1cb-749f3c040d8f
msft-kb4103727-c03178c9-b5d2-4c5f-819f-c8871513e23d
msft-kb4103731-610e3534-770e-4bab-845a-0159c0645106
msft-kb4103731-f80f24fa-933a-44d1-a83a-8013a727d881
msft-kb4130956-46f7086f-75e0-49f8-a4e2-4814d7d576ad
msft-kb4130956-53ee1507-b283-4fd5-9fce-ec934091134b
msft-kb4130956-ea47bd6e-c2a2-498e-a19b-f57aee4ad53d

References

https://attackerkb.com/topics/cve-2018-8136
CVE - 2018-8136
4103712
4103715
4103716
4103718
4103721
4103723
4103725
4103726
4103727
4103730
4103731
4130956

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8136: Windows Remote Code Execution Vulnerability

Microsoft CVE-2018-8136: Windows Remote Code Execution Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.