HTTP: Microsoft Win32k CVE-2018-8589 Elevation of Privilege

This signature detects attempts to exploit a known vulnerability in Windows Win32k. A successful attack can lead to elevation of privileges.

Extended Description

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Affected Products

Microsoft windows_server_2008

References

CVE: CVE-2018-8589

Short Name: HTTP:STC:DL:CVE-2018-8589-EOP
Severity: Minor
Recommended: True
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2018-8589 Elevation Microsoft Privilege Win32k of
Release Date: 11/15/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3415
False Positive: Unknown
Vendors

Microsoft

CVSS Score

7.2
