Kaspersky: Vulnerability Detected in Kernel Transaction Manager

Kaspersky: Vulnerability Detected in Kernel Transaction Manager

bigstockphoto

Kaspersky Lab’s systems detected an attempt to exploit the vulnerability in Windows Kernel Transaction Manager, the company said in blog post.

The new zero-day exploit was used against several victims in the Middle East and Asia. The vulnerability it exploited, CVE-2018-8611, allowed an elevation of privilege in cases where the Windows kernel fails to handle objects in memory properly. As a result, malefactors can run arbitrary code in kernel mode.

In practice, that means malefactors can install programs, change or view data, or even create new accounts. According to Kaspersky experts, the exploit can also be used to escape the sandbox in modern Web browsers, including Chrome and Edge.

The company says it had reported this vulnerability to developers, and Microsoft released a corresponding patch that corrects how the Windows kernel handles objects in memory.