Windows ALPC vulnerability (CVE-2018-8440) used in Exploit Kit

The ALPC vulnerability (CVE-2018-8440), which is present in all supported and unpatched Microsoft Windows versions, is now being exploited by the Metasploit Kit.


I had blogged several times about the ALPC vulnerability (CVE-2018-8440) (see links at the end of this article). Microsoft released corresponding fixes on September 11, 2018 (see Microsoft Security Update Summary September 11, 2018). So if you have patched, you are on the safe side. If you haven't installed the updates, you should know that cyber criminals can now exploit this vulnerability via the Metasploit kit, as the following tweet reports.

Simlar articles:
Microsoft Security Update Summary September 11, 2018
Windows 0-day ALPC vulnerability in task scheduler
Microsoft Patchday: Other Updates September 11, 2018

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Update, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *