{"vulnerability": "CVE-2018-8611", "sightings": [{"uuid": "bf2d51bc-00a8-47aa-b4c5-b69fe2bb05b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "8522cb45-4ab5-42bc-821b-5d575662e421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971587", "content": "", "creation_timestamp": "2024-12-24T20:31:30.933323Z"}, {"uuid": "b1afe1af-cf07-447c-96ce-ccb312d9ce88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:21.000000Z"}, {"uuid": "ef8a57a4-4f1c-4df1-ab8a-195b0ef93ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=347", "content": "", "creation_timestamp": "2018-12-12T04:00:00.000000Z"}, {"uuid": "e7f1aced-999a-43d3-89c8-9f97cd3eebf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "https://t.me/ctinow/5797", "content": "Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)\n\nhttps://ift.tt/2L9WlNc", "creation_timestamp": "2018-12-12T09:37:10.000000Z"}, {"uuid": "0ef81a3f-7f19-45cd-b35c-d6e9ee0c85c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2018-8611", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/17d5ef71-7faa-408d-a406-4370e10d6fcf", "content": "", "creation_timestamp": "2026-02-02T12:27:39.012633Z"}, {"uuid": "71ad654c-7db7-4326-b9d4-4590639d085b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/techpwnews/556", "content": "CVE-2018-8611 Exploiting Windows KTM Part 2/5 \u2013 Patch analysis and basic triggering\n\nContinue reading at research.nccgroup.com (from /r/netsec)", "creation_timestamp": "2020-05-04T13:22:34.000000Z"}, {"uuid": "381ba201-7d4d-473a-b29c-db476511eb0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "Telegram/Z-KDalp7NhbKZDfm_wXg-NjRHQwEiVhE87Bp8KoU67Y-W9Q", "content": "", "creation_timestamp": "2023-03-13T05:06:46.000000Z"}, {"uuid": "64775cc9-2d35-4bf5-96ee-6cd21a930f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "exploited", "source": "https://t.me/reverse_dungeon/2770", "content": "CVE-2018-8611 Exploiting Windows KTM\n\n\nhttps://research.nccgroup.com/2020/04/27/cve-2018-8611-exploiting-windows-ktm-part-1-5-introduction\n\nhttps://research.nccgroup.com/2020/05/04/cve-2018-8611-exploiting-windows-ktm-part-2-5-patch-analysis-and-basic-triggering\n\nhttps://research.nccgroup.com/2020/05/11/cve-2018-8611-exploiting-windows-ktm-part-3-5-triggering-the-race-condition-and-debugging-tricks\n\nhttps://research.nccgroup.com/2020/05/18/cve-2018-8611-exploiting-windows-ktm-part-4-5-from-race-win-to-kernel-read-and-write-primitive\n\nhttps://research.nccgroup.com/2020/05/25/cve-2018-8611-exploiting-windows-ktm-part-5-5-vulnerability-detection-and-a-better-read-write-primitive", "creation_timestamp": "2023-01-25T16:56:02.000000Z"}, {"uuid": "d8e433d1-1c78-41d0-b6f1-772d8d65ecbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "exploited", "source": "https://t.me/true_secator/1028", "content": "\u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 APT \u0435\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u044d\u043a\u0437\u043e\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435.\n\n\u041a\u0430\u043a, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 SandCat \u0440\u043e\u0434\u043e\u043c \u0438\u0437 \u0421\u043b\u0443\u0436\u0431\u044b \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0421\u0413\u0411 \u0438\u043b\u0438 SSS) \u0423\u0437\u0431\u0435\u043a\u0438\u0441\u0442\u0430\u043d\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u0437\u0431\u0435\u043a\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u0441\u043a\u0438\u043b\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0431\u044f\u0442\u0430\u043c\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432\u043f\u043e\u043b\u043d\u0435 \u0441\u0435\u0431\u0435 \u0445\u043e\u0440\u043e\u0448\u0438\u0435 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041d\u043e \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435.\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 2018 \u0433\u043e\u0434\u0430 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0434\u043e\u0441\u0435\u043b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 ntoskrnl.sys \u044f\u0434\u0440\u0430 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 Windows NT. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 (CVE-2018-8611) \u0431\u044b\u043b\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u043e \u0432 Microsoft \u0438 \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u0430. \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u043e \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Chainshot.\n\n\u0422\u043e\u0433\u0434\u0430 \u0436\u0435 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u0435 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u0432\u0443\u043c\u044f APT - FruityArmor (aka Project Raven) \u0438\u0437 \u041e\u0410\u042d \u0438 \u043d\u043e\u0432\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 SandCat. \n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u0430\u0440\u0430\u0431\u044b \u0438\u0437 FruityArmor (\u0442\u043e\u0447\u043d\u0435\u0435 \u0438\u0437 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 NESA) \u0442\u0435 \u0435\u0449\u0435 \u0437\u0430\u0442\u0435\u0439\u043d\u0438\u043a\u0438 - \u0447\u0435\u0433\u043e \u0441\u0442\u043e\u0438\u0442 \u0445\u043e\u0442\u044f \u0431\u044b \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u0441 \u043d\u0430\u0439\u043c\u043e\u043c \u0431\u044b\u0432\u0448\u0438\u0445 \u0441\u043f\u0435\u0446\u043e\u0432 \u0438\u0437 \u0410\u041d\u0411, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u043e\u043c \u0437\u0430\u043f\u0440\u044f\u0433\u043b\u0438 \u043b\u043e\u043c\u0430\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0430\u0440\u0430\u0431\u0441\u043a\u0438\u043c\u0445 \u0434\u0438\u0441\u0441\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0421\u0428\u0410. \n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0421\u0413\u0411 \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0435\u043c \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0432 2015 \u0433\u043e\u0434\u0443, \u043a\u043e\u0433\u0434\u0430 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442 \u0424\u0438\u043d\u0435\u0430\u0441 \u0424\u0438\u0448\u0435\u0440 \u0432\u0437\u043b\u043e\u043c\u0430\u043b \u0438\u0442\u0430\u043b\u044c\u044f\u043d\u0441\u043a\u0443\u044e Hacking Team, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0432\u0448\u0443\u044e \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c \u0438 \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043e\u0440\u0433\u0430\u043d\u0430\u043c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0439. \u0422\u0430\u043a, \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2011 \u043f\u043e 2015 \u0433\u043e\u0434\u044b \u0443\u0437\u0431\u0435\u043a\u0438 \u043f\u043e\u043d\u0430\u043a\u0443\u043f\u0438\u043b\u0438 \u041f\u041e \u0443 Hacking Team \u043f\u043e\u0447\u0442\u0438 \u043d\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432.\n\n\u0410 \u043e\u0441\u0435\u043d\u044c\u044e 2019 \u0433\u043e\u0434\u0430 \u0432\u0441\u0435 \u0442\u0435 \u0436\u0435 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438e \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 VirusBulletin \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e SandCat \u0443\u0436\u0435 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435. \u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 SandCat \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043c\u043e\u0433\u043b\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u043d\u043e\u0441\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u044b, \u043d\u043e \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0442\u043e\u0447\u043d\u043e\u0435 \u043c\u0435\u0441\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u044b \u0445\u0430\u043a\u0435\u0440\u043e\u0432. \u0418 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u044d\u0442\u043e\u043c\u0443 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 OPSEC \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 CVE-2018-8611 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0437\u0431\u0435\u043a\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0435\u0449\u0435 \u0442\u0440\u0435\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u044b\u043b\u0438 \u0438\u043c\u0438 \u043a\u0443\u043f\u043b\u0435\u043d\u044b. \n\n\u041f\u0440\u043e\u043a\u043e\u043b\u043e\u043b\u0438\u0441\u044c \u0436\u0435 SandCat \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e - \u043e\u043d\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u044b, \u0433\u0434\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043b\u043e\u0441\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u044b \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e, \u0443 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044f. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043a\u0430\u0436\u0434\u044b\u0439 \u0440\u0430\u0437, \u043a\u043e\u0433\u0434\u0430 \u0443\u0437\u0431\u0435\u043a\u0438 \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0444\u043b\u0435\u0448\u043a\u0443 \u0441 \u043d\u043e\u0432\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c, \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441 \u043e\u0442\u0441\u044b\u043b\u0430\u043b \u043a\u043e\u043f\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u041b\u041a.\n\n\u0414\u0430\u043b\u0435\u0435 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0432\u0441\u0435 \u044d\u0442\u0438 \u041f\u041a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u0435 \u0432/\u0447 02616, \u044f\u0432\u043b\u044f\u044e\u0449\u0435\u0439\u0441\u044f \u043f\u043e\u0434\u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0421\u0413\u0411 \u0423\u0437\u0431\u0435\u043a\u0438\u0441\u0442\u0430\u043d\u0430. \u0421 \u044d\u0442\u0438\u0445 \u0436\u0435 \u043c\u0430\u0448\u0438\u043d \u0445\u0430\u043a\u0435\u0440\u044b \u0433\u0440\u0443\u0437\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432 Virus Total.\n\n\u041f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0442\u0430\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u0443\u0437\u0431\u0435\u043a\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u0432\u043e\u0435\u0439 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Sharpa (\"\u0441\u043e\u043b\u043d\u0435\u0447\u043d\u044b\u0439 \u0437\u0430\u0439\u0447\u0438\u043a\" \u0441 \u0443\u0437\u0431\u0435\u043a\u0441\u043a\u043e\u0433\u043e). \u041d\u043e \u0434\u0435\u043b\u0430\u043b\u0438 \u043e\u043d\u0438 \u044d\u0442\u043e \u0441 \u0442\u0435\u0445 \u0436\u0435 \u0441\u0430\u043c\u044b\u0445 \u041f\u041a, \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043e\u043c!", "creation_timestamp": "2020-10-09T15:01:08.000000Z"}, {"uuid": "2b6119fb-01e3-487d-85d3-c80bcd80ed87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6402", "content": "CVE-2018-8611 Exploiting Windows KTM Part 1/5 \u2013 Introduction\nhttps://research.nccgroup.com/2020/04/27/cve-2018-8611-exploiting-windows-ktm-part-1-5-introduction/", "creation_timestamp": "2020-04-28T20:55:27.000000Z"}, {"uuid": "34ccb1a5-ff95-4fe6-8581-76b77a568a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "exploited", "source": "https://t.me/information_security_channel/22942", "content": "Threat actors exploiting the recently patched Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8611) that allows attackers to run arbitrary code in kernel mode and install program with admin privileges. The vulnerability is due to the improper file execution operations in the kernel mode. Security researchers from Kaspersky uncovered the zero-day vulnerability and it has been reported [\u2026]\nThe post Hackers Actively Exploiting the Recently Patched Windows kernel Zero-day Vulnerability in Wild (https://gbhackers.com/threat-actor-windows-kernel/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2018-12-13T01:55:24.000000Z"}, {"uuid": "cb3ef34f-e56f-4b42-941d-26cbf778e070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6413", "content": "CVE-2018-8611 Exploiting Windows KTM Part 2/5 \u2013 Patch analysis and basic triggering\nhttps://research.nccgroup.com/2020/05/04/cve-2018-8611-exploiting-windows-ktm-part-2-5-patch-analysis-and-basic-triggering/", "creation_timestamp": "2020-05-04T13:33:59.000000Z"}, {"uuid": "67f4aeda-9486-4234-ad6d-968e3ab6bd27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6429", "content": "CVE-2018-8611 Exploiting Windows KTM Part 3/5 \u2013 Triggering the race condition and debugging tricks\nhttps://research.nccgroup.com/2020/05/11/cve-2018-8611-exploiting-windows-ktm-part-3-5-triggering-the-race-condition-and-debugging-tricks/", "creation_timestamp": "2020-05-12T14:45:23.000000Z"}, {"uuid": "5434fdf6-11ae-46d8-9974-ae23a751c425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6439", "content": "CVE-2018-8611 Exploiting Windows KTM Part 4/5 \u2013 From race win to kernel read and write primitive\nhttps://research.nccgroup.com/2020/05/18/cve-2018-8611-exploiting-windows-ktm-part-4-5-from-race-win-to-kernel-read-and-write-primitive/", "creation_timestamp": "2020-05-18T18:25:16.000000Z"}, {"uuid": "37d33f58-7a06-4334-89b8-42cddb35bf4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6158", "content": "Exploiting CVE-2018-8611\nWindows Kernel Transaction Manager (KTM) Race Condition\nhttp://www.powerofcommunity.net/poc2019/Adams.pdf", "creation_timestamp": "2019-11-28T21:52:31.000000Z"}, {"uuid": "7f86d19f-c15e-4e1d-83f1-9fb83b91ff41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "seen", "source": "https://t.me/securixy_kz/317", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c MS Windows CVE-2018-8611\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u044f\u0434\u0440\u0430...", "creation_timestamp": "2018-12-12T05:50:02.000000Z"}, {"uuid": "eff0a8de-ad72-4dd8-9d17-35c625f8572b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8611", "type": "exploited", "source": "https://t.me/SecLabNews/3830", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 39 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u044f\u0434\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2018-8611) \u0432 \u044f\u0434\u0440\u0435 Windows, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043f\u0440\u043e\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438.    \nMicrosoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 0Day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows", "creation_timestamp": "2018-12-12T08:38:31.000000Z"}]}