==================================================================== CERT-Renater Note d'Information No. 2018/VULN125 _____________________________________________________________________ DATE : 03/04/2018 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows versions 7, Server 2008. ===================================================================== https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038 _____________________________________________________________________ CVE-2018-1038 | Windows Kernel Elevation of Privilege Vulnerability Security Vulnerability Published: 03/29/2018 MITRE CVE-2018-1038 Executive Summary Exploitability Assessment Affected Products Mitigations Workarounds FAQ Acknowledgements Disclaimer Revisions An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. Exploitability Assessment The following table provides an exploitability assessment for this vulnerability at the time of original publication. Publicly Disclosed Exploited Latest Software Release Older Software Release Denial of Service Yes No Not Applicable Not Applicable Not Applicable Affected Products Affected Products The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see the Microsoft Support Lifecycle. Product Platform Article Download Impact Severity Supersedence Windows 7 for x64-based Systems Service Pack 1 4100480 Security Update Windows Server 2008 R2 for x64-based Systems Service Pack 1 4100480 Security Update Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4100480 Security Update Mitigations Microsoft has not identified any mitigating factors for this vulnerability. Workarounds Microsoft has not identified any workarounds for this vulnerability. FAQ I am running Windows 7 or Windows Server 2008 R2 on my system. At what point do I need to install security update 4100480? If you are running Windows 7 for x64-based Systems or Windows Server 2008 R2 for x64-based Systems, and you have installed any of the servicing updates released during or after January 2018, you need to install 4100480 immediately to be protected from this vulnerability. Acknowledgements Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See acknowledgements for more information. Disclaimer The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Revisions Version Date Description 1.0 03/29/2018 Information published. ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================