CVE-2018-8420(RCE)
受影响版本:
![](https://i-blog.csdnimg.cn/blog_migrate/8f900a89c6347c561fdf2122f13be562.gif)
![](https://i-blog.csdnimg.cn/blog_migrate/961ddebeb323a10fe0623af514929fc1.gif)
1 Microsoft Windows 10 Version 1607 for 32-bit Systems 2 Microsoft Windows 10 Version 1607 for x64-based Systems 3 Microsoft Windows 10 Version 1803 for 32-bit Systems 4 Microsoft Windows 10 Version 1803 for x64-based Systems 5 Microsoft Windows 10 for 32-bit Systems 6 Microsoft Windows 10 for x64-based Systems 7 Microsoft Windows 10 version 1703 for 32-bit Systems 8 Microsoft Windows 10 version 1703 for x64-based Systems 9 Microsoft Windows 10 version 1709 for 32-bit Systems 10 Microsoft Windows 10 version 1709 for x64-based Systems 11 Microsoft Windows 7 for 32-bit Systems SP1 12 Microsoft Windows 7 for x64-based Systems SP1 13 Microsoft Windows 8.1 for 32-bit Systems 14 Microsoft Windows 8.1 for 64-bit Systems 15 Microsoft Windows RT 8.1 16 Microsoft Windows Server 1709 17 Microsoft Windows Server 1803 18 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 19 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 20 Microsoft Windows Server 2008 for 32-bit Systems SP2 21 Microsoft Windows Server 2008 for Itanium-based Systems SP2 22 Microsoft Windows Server 2008 for x64-based Systems SP2 23 Microsoft Windows Server 2012 24 Microsoft Windows Server 2012 R2 25 Microsoft Windows Server 2016
win10和windows server 2016(2018-08-27 漏洞详情公开披露,2018-08-29 360CERT发布漏洞预警)
![](https://i-blog.csdnimg.cn/blog_migrate/8f900a89c6347c561fdf2122f13be562.gif)
![](https://i-blog.csdnimg.cn/blog_migrate/961ddebeb323a10fe0623af514929fc1.gif)
1 Task Scheduler任务调度服务中ALPC调用接口导出了SchRpcSetSecurity函数,该函数能够对一个任务或者文件夹设置安全描述符
Windows VBScript Engine (RCE) CVE-2018-8174
![](https://i-blog.csdnimg.cn/blog_migrate/8f900a89c6347c561fdf2122f13be562.gif)
![](https://i-blog.csdnimg.cn/blog_migrate/961ddebeb323a10fe0623af514929fc1.gif)
1 https://github.com/Sch01ar/CVE-2018-8174_EXP