CVE-2018-8639

Vulnerability Profile Updated a month ago
CVE-2018-8639 is a vulnerability that was identified in October 2018. It affects all versions of Microsoft Windows, from Windows 7 through to Windows 10, as well as Windows Server 2008 and 2012. The vulnerability is caused by a flaw in the way that Windows handles certain files. Specifically, it arises due to an error in the Windows kernel that fails to properly handle memory objects. This allows an attacker to execute arbitrary code on a targeted system, potentially giving them complete control over the system.

The CVE-2018-8639 vulnerability was initially discovered by security researchers at Kaspersky Lab. They reported the vulnerability to Microsoft, who subsequently released a patch to address the issue. However, because the vulnerability had already been exploited in the wild by cybercriminals, Microsoft also issued an emergency patch outside their normal monthly "Patch Tuesday" cycle.

The exploitation of the CVE-2018-8639 vulnerability was associated with a hacking group known as FruityArmor. This group was thought to be operating out of the Middle East and was primarily targeting government organizations in the region. Their use of this vulnerability was notable because it allowed them to bypass security measures such as ASLR (Address Space Layout Randomization), which had previously been considered an effective defense against certain types of attacks.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the CVE-2018-8639 vulnerability was read from the documents corpus below.

Source | Created At | Title
CSO Online | a year ago | Why you should review the security of your MSSQL servers