[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

114411

 
 

909

 
 

88812

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Cortana Elevation of Privilege Vulnerability - CVE-2018-8253

ID: oval:org.secpod.oval:def:47139Date: (C)2018-08-15   (M)2018-10-10
Class: VULNERABILITYFamily: windows




An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user. To exploit the vulnerability, an attacker would require physical access to the console and the system must have Microsoft Cortana assistance enabled. The security update addresses the vulnerability by preventing Microsoft Cortana from allowing arbitrary website browsing on the lockscreen.

Platform:
Microsoft Windows Server 2016
Microsoft Windows 10
Reference:
CVE-2018-8253
CVE    1
CVE-2018-8253
CPE    5
cpe:/o:microsoft:windows_server_2016:-
cpe:/o:microsoft:windows_server_2016:::x64
cpe:/o:microsoft:windows_10:1607:::x64
cpe:/o:microsoft:windows_10:1607:::x86
...

© SecPod Technologies