vulnerability
Microsoft Windows: CVE-2018-8339: Windows Installer Elevation of Privilege Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Aug 14, 2018 | Aug 14, 2018 | Sep 5, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Aug 14, 2018
Added
Aug 14, 2018
Modified
Sep 5, 2025
Description
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior, aka "Windows Installer Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Solutions
microsoft-windows-windows_10-1507-kb4343892microsoft-windows-windows_10-1607-kb4343887microsoft-windows-windows_10-1703-kb4343885microsoft-windows-windows_10-1709-kb4343897microsoft-windows-windows_10-1803-kb4343909microsoft-windows-windows_server_2012-kb4343896microsoft-windows-windows_server_2012_r2-kb4343888microsoft-windows-windows_server_2016-1607-kb4343887msft-kb4340937-13a057e5-78bd-4fcf-9184-1d5be9e721d4msft-kb4340937-2e3b02de-dcbb-49c4-a428-59dc96de0312msft-kb4340937-306f4541-6038-40e2-b2fd-1a8b584f1853msft-kb4340937-dedab06c-c7a6-4f69-aca3-b6c95482043emsft-kb4343888-9ab5e18d-f797-40d7-9060-45a9866d6d6emsft-kb4343888-a66d6492-e84f-418a-84dd-8a5ad6ae0ba5msft-kb4343896-7b6f3c42-7894-4050-9b99-1d76fb5d2973msft-kb4343896-8f8f8d93-1980-4a05-a57e-6ae18b6755efmsft-kb4343899-1390e6b0-5a83-40ef-908f-93a18d143f85msft-kb4343899-244359a9-56fe-4fea-9470-5c43186bcfc1msft-kb4343899-66ac990f-0c27-443a-ac9b-83b116b6b822msft-kb4343899-a22a0f37-0609-442f-9060-d789539f370amsft-kb4343899-d30cbe47-67a9-4461-ab12-a669953debf1msft-kb4343899-f8dc5b2f-402d-46e3-ad8a-8d5c461a60d6
References
- BID-105030
- CVE-2018-8339
- https://attackerkb.com/topics/CVE-2018-8339
- CWE-20
- URL-https://support.microsoft.com/help/4343885
- URL-https://support.microsoft.com/help/4343887
- URL-https://support.microsoft.com/help/4343888
- URL-https://support.microsoft.com/help/4343892
- URL-https://support.microsoft.com/help/4343896
- URL-https://support.microsoft.com/help/4343897
- URL-https://support.microsoft.com/help/4343909
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.