Published: 12/04/2018 Updated: 24/08/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 9
microsoft windows server 2008 r2
microsoft windows 8.1 -
microsoft windows 10 1511
microsoft windows server 2016 -
microsoft windows server 2012 r2
microsoft windows 7 -
microsoft windows 10 1709
microsoft windows 10 1703
microsoft windows 10 1607
microsoft windows server 2012 -
microsoft windows rt 8.1 -
microsoft windows 10 -

It's April 2018 – and Patch Tuesday shows Windows security is still foiled by fiendish fonts

The Register • Shaun Nichols in San Francisco • 10 Apr 2018

Adobe's Flash also up the spout Mad March Meltdown! Microsoft's patch for a patch for a patch may need another patch

Microsoft has released the April edition of its monthly security update, this time addressing a total of 63 CVE-listed vulnerabilities. This month's update includes critical fixes for the usual suspects: Windows, Edge, Internet Explorer, and Office, as well as one flaw Redmond previously fixed with an unscheduled update. You should install these fixes as soon as you can, if your system hasn't already. Just one of this month's patches is for a zero-day flaw; CVE-2018-1034 is an elevation of privi...

CVE-2018-1004

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect