← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-8589 — Actively Exploited: Win32k (Microsoft)

A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.

CVE IDCVE-2018-8589
VendorMicrosoft
ProductWin32k
Vulnerability nameMicrosoft Win32k Privilege Escalation Vulnerability
Date added2022-05-23
Remediation due2022-06-13
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionA privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →