Microsoft Windows Kernel Information Disclosure Vulnerability



A vulnerability in the Microsoft Windows kernel could allow a local attacker to access sensitive information on a targeted system.

The vulnerability exists because the affected software improperly handles memory objects when the software processes user-supplied input. An attacker could exploit this vulnerability by accessing the system and executing an application that submits malicious input to the affected software. A successful exploit could allow the attacker to access sensitive information, which could be used to conduct additional attacks.

Microsoft confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-8330

Source:: Cisco Multivendor Vulnerability Alerts