An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 10 1703 |
||
microsoft windows 10 1803 |
||
microsoft windows server 2012 r2 |
||
microsoft windows server 2016 1709 |
||
microsoft windows 10 - |
||
microsoft windows 10 1607 |
||
microsoft windows 8.1 - |
||
microsoft windows rt 8.1 - |
||
microsoft windows server 2008 - |
||
microsoft windows server 2008 r2 |
||
microsoft windows server 2012 - |
||
microsoft windows 10 1709 |
||
microsoft windows 7 - |
||
microsoft windows server 2016 - |
||
microsoft windows server 2016 1803 |
These statistics are based on detection verdicts of Kaspersky Lab products received from users who consented to provide statistical data. According to Kaspersky Security Network: Perhaps the biggest news of the reporting period was the Trojan-Banker.AndroidOS.Asacub epidemic. It peaked in September when more than 250,000 unique users were attacked – and that only includes statistics for those with Kaspersky Lab’s mobile products installed on their devices. Number of users attacked by the mob...
Too smart? There's also an old-fashioned image file RCE Safari, Edge fans: Is that really the website you think you're visiting? URL spoof bug blabbed
Admins will again be working overtime as Microsoft and Adobe have posted their monthly scheduled security updates for September. This month's Patch Tuesday bundle includes critical fixes for Windows, SQL Server, and Hyper V, as well as Flash and Cold Fusion. In total, Microsoft addressed 61 CVE-listed vulnerabilities this month, including 23 that would potentially allow for remote code execution. One of the more noteworthy of those bugs is CVE-2018-8475, a remote code flaw that can be triggered ...