Vulmon
poc for 0263
cve-2017-0263-poc poc for 0263
The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft windows rt 8.1 |
||
microsoft windows server 2012 - |
||
microsoft windows 10 - |
||
microsoft windows 10 1511 |
||
microsoft windows 10 1607 |
||
microsoft windows server 2008 r2 |
||
microsoft windows server 2012 r2 |
||
microsoft windows 8.1 |
||
microsoft windows server 2016 |
||
microsoft windows 10 1703 |
||
microsoft windows 7 |
||
microsoft windows server 2008 |
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We reported this vulnerability to Microsoft on August 17, 2018. Microsoft confirmed the vulnerability and designated it CVE-2018-8453. In August 2018 our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft Windows operating system. Further analysis into this case led us to u...
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Our private reports subscription customers receive a steady stream of YARA, IOC, and reports on Sofacy, our most reported APT for the year. This high level of cyber-espionage activity goes back years. In ...
Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors. Since we began offering a threat intelligence service, all deep technical ...
Get patching ASAP as exploits are being used in the wild – and fix Adobe stuff, too
Microsoft has today published patches for more than 50 security flaws in its products – including three serious holes being exploited right now in the wild. These updates should be applied as soon as possible. The May edition of Patch Tuesday addresses blunders in Internet Explorer, Edge, Windows, Office, and the .NET Framework. In total, 55 bugs have been squashed, including 17 that have been rated as critical security risks. Of the three bad bugs being actively exploited in the wild, two can...