Cybercriminals continue to stress-test Windows, and our protective technologies continue to detect their attempts and prevent exploitation. This is not the first or even the second discovery of this kind over the past three months. This time, our systems detected an attempt to exploit a vulnerability in the Windows Kernel Transaction Manager.
The new zero-day exploit was used against several victims in the Middle East and Asia. The vulnerability it exploited, CVE-2018-8611, allowed an elevation of privilege in cases where the Windows kernel fails to handle objects in memory properly. As a result, malefactors can run arbitrary code in kernel mode.
In practice, that means malefactors can install programs, change or view data, or even create new accounts. According to our experts, the exploit can also be used to escape the sandbox in modern Web browsers, including Chrome and Edge. For technical details, see this Securelist post. Even more information about CVE-2018-8611 and the actors who tried to exploit it is available to customers of Kaspersky Intelligence Reports; contact intelreports@kaspersky.com.
Our experts reported this vulnerability to developers, and Microsoft just released a corresponding patch that corrects how the Windows kernel handles objects in memory.
How to stay safe
Again, here is our general advice for vulnerabilities:
- Do not feel safe just because the exploit has found few victims at this point. Since its disclosure, more cybercriminals may try to exploit it, so install the patch immediately.
- Regularly update all software your company uses.
- Use security products with automated vulnerability assessment and patch management capabilities.
- Use a security solution equipped with behavior-based detection capabilities for effective protection against unknown threats, including zero-day exploits.
Note again that before our protective technologies encountered the exploit, this vulnerability was unknown. Therefore, we can recommend specific products that can help keep you safe. The first is our solution made specifically to protect against APT threats: Kaspersky Anti Targeted Attack Platform, with its advanced sandboxing and antimalware engine. The second, Kaspersky Endpoint Security for Business, has built-in automatic exploit prevention technology, which is the technology that detected the CVE-2018-8611 vulnerability.
Nikolay Pankov