Posts: 16,470
Threads: 10,388
Thanks Received: 9,394 in 7,540 posts
Thanks Given: 10,381
Joined: 12 September 18
10 October 18, 10:55
![[Image: 180910-zeroday-exploit-1.png]](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/10/09131807/180910-zeroday-exploit-1.png)
Quote:Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We reported this vulnerability to Microsoft on August 17, 2018. Microsoft confirmed the vulnerability and designated it CVE-2018-8453.
In August 2018 our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft Windows operating system. Further analysis into this case led us to uncover a zero-day vulnerability in win32k.sys. The exploit was executed by the first stage of a malware installer to get necessary privileges for persistence on the victim’s system. The code of the exploit is of high quality and written with the aim of reliably exploiting as many different MS Windows builds as possible, including MS Windows 10 RS4.
So far, we detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East.
Full reading:
https://securelist.com/cve-2018-8453-use...cks/88151/
![[-]](https://www.geeks.fyi/images/collapse.png)
