| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2018-8637 | Win32k Information Disclosure Vulnerability | Windows 10 | Important | 12-12-2018 |
Technical Information
Brief overview of the risk:
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object.
Detailed Information on the risk:
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
The security update addresses the vulnerability by correcting how the Windows kernel handles memory
addresses.
Further information on this exploit is available at : CVE-2018-8637
Affected Software
Windows 10 Version 1803 for 32-bit Systems,
Windows 10 Version 1803 for x64-based Systems,
Windows Server, version 1803 (Server Core Installation),
Windows 10 Version 1803 for ARM64-based Systems,
Windows 10 Version 1809 for 32-bit Systems,
Windows 10 Version 1809 for x64-based Systems,
Windows 10 Version 1809 for ARM64-based Systems,
Windows Server 2019,
Windows Server 2019 (Server Core installation)