Posted on Leave a comment

VU#289907: Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition

CWE-362:Concurrent Execution using Shared Resource with Improper Synchronization(‘Race Condition’)- CVE-2018-8611 According to Microsoft,the Windows kernel fails”to properly handle objects in memory”. A successful attacker could run arbitrary code in kernel mode,and then”install programs; view,change,or delete data; or create new accounts with full user rights.”

What are your thoughts?