← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-8639 — Actively Exploited: Windows (Microsoft)

Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

CVE IDCVE-2018-8639
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Date added2025-03-03
Remediation due2025-03-24
Known ransomware useKnown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →