CVE-2018-8639
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
⚠ KEVEPSS 33.2%
Description
Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
How to fix CVE-2018-8639
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2018-8639 being exploited?
Yes — CVE-2018-8639 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.