Microsoft Win32k CVE-2018-8637 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
Affected Applications
Windows 10
Windows Server version 1803 (Server Core Installation)
Windows Server 2019