An elevation of privilege vulnerability in the Kernel Transaction Manager (KTM) driver . It is exploited via a race condition that occurs when file transaction in the kernel mode are not handled properly. Successful exploitation can lead to remote code execution on the target via browsers. it can be leveraged sandbox escape in browsers. CVE-2018-8611 has been assigned … Continue reading “Windows Kernel Elevation of Privilege Vulnerability: CVE-2018-8611”
Tag: win32k.sys
Windows Win32k Elevation of Privilege Vulnerability: CVE-2018-8589
An elevation of privilege vulnerability has been disclosed in the Windows OS. The issue affects Windows 7, Server 2008 (R2) both core and non-core versions. CVE-2018-8589 has been assigned to track this vulnerability. Microsoft has addressed this issue in November 2018 patch release. However a patched target may still crash (BSOD) if the exploit is triggered. For exploiting … Continue reading “Windows Win32k Elevation of Privilege Vulnerability: CVE-2018-8589”