Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0066 Windows kernel update for CVE-2018-1038 3 April 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Windows Operating System: Windows Impact/Access: Administrator Compromise -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2018-1038 Member content until: Thursday, May 3 2018 OVERVIEW Microsoft has released an out of cycle patch at the end of the Month of March 2017. [1] This update resolves a vulnerability across the following products: Windows 7 Windows Server 2008 IMPACT Microsoft has given the following details regarding these vulnerabilities: "CVE-2018-1038 - Windows Kernel Elevation of Privilege Vulnerability 7.00 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C" [1] MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles: KB4100480 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWsL1hox+lLeg9Ub1AQgNJA/+JHWuYy+SPLzkSXwq5RLw+GxyRkUEq4SS DDgyNlZq1rnhebO3P87qAtkXjroY5500gBGoeS/000HqZMxVNGPKgR9TJCIrnHd5 eoS89j7V66BSALSgsvn+9U5IvbapUWc5DO210/tm2cZJIZEE5jO7ZyTUgEJQUHhn Qhb31D9IZbgVSIdToFF+rD9YzNMaF0yzUK//57unI3zn1I2czJy/HFOFEx5mZkTF zEwWjrhgg1meBK1CmcmbdFkK/eBPyFmX1fw8mCwKrIQlUP+9u5+aSAERiIGr5yoI jAsJmaDC9bbwujG0Ma0KEmmLQEfjZ0VeylIYkWWg1drgSfAiCd7vrIhrk1UaTDPI BbSzXW1a9xDD/LBWPmw/NajXT5PU0jZCUy+Uej6SHyHuY/mrmUkc7NAqnl6p6IJK y7qqei+gacJ9CUIjQy8LL+0VhzAmEbMqLKDI84xVK6It3xv60vN2Cm+zZBDg6nyh NHyr8H0THj6FwPDcpdtUgsPtaU8+cFWK3koHkMu9etVaS9UwmaX+6hbs0gaKRYt9 KEutDqisQ1aU/3tbE/T6j9nsTDPoQgFBWTxvUbUn0mvBWSLBSPIrX4Sfm74V6Aw3 CnlrYBOgvmNbZ1qTBRpDvg7nduFW+UqvjjRdNuWf1NbD1wL+zw8IUp+LoL/YnrxL Gz1EpW7HF50= =KeWC -----END PGP SIGNATURE-----