The vulnerabilities could be remotely exploited and give attackers control over affected systems.
The CERT Coordination Center (CERT/CC) today published data on vulnerabilities affecting versions of Microsoft Windows and Windows Server.
Microsoft had issued an advisory for
CVE-2018-8611, a Windows kernel elevation of privilege bug that exists when the Windows kernel fails to properly handle objects in memory. An attacker who exploited this flaw could run arbitrary code in kernel mode. They could then install programs and view, change, or delete data, or create new accounts with full user rights.
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
CISA Alerts on Actively Exploited Windows Improper Access Control Flaw