Geeks for your information
A new exploit for zero-day vulnerability CVE-2018-8589




A new exploit for zero-day vulnerability CVE-2018-8589 - harlan4096 - 14 November 18

Quote: Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589.

In October 2018, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft’s Windows operating system. Further analysis revealed a zero-day vulnerability in win32k.sys. The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the victim’s system. So far, we have detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East.

Kaspersky Lab products detected this exploit proactively using the following technologies:
  • Behavioral Detection Engine and Automatic Exploit Prevention for endpoints
  • Advanced Sandboxing and Anti-Malware Engine for Kaspersky Anti Targeted Attack Platform (KATA)
Kaspersky Lab verdicts for the artifacts in this campaign are:
  • HEUR:Exploit.Win32.Generic
  • HEUR:Trojan.Win32.Generic
  • PDM:Exploit.Win32.Generic
More information about the attack is available to customers of Kaspersky Intelligence Reports. Contact: intelreports@kaspersky.com
Full reading: https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/