News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • The Windows ALPC security hole CVE-2018-8440 is now readily exploitable

    Home Forums AskWoody blog The Windows ALPC security hole CVE-2018-8440 is now readily exploitable

    This topic contains 9 replies, has 9 voices, and was last updated by

     glnz 8 months, 2 weeks ago.

    • Author
    • #218975 Reply

      Da Boss

      One of this month’s security patches has taken on a more prominent position. CVE-2018-8440 — the ALPC privilege escalation bug — has just been added
      [See the full post at: The Windows ALPC security hole CVE-2018-8440 is now readily exploitable]

      2 users thanked author for this post.
    • #218995 Reply


      Should the win 7/8.1 users go ahead install our security updates? The buggy Win10 cumulative updates obviously don’t affect us.

      • #219008 Reply

        Da Boss

        WAIT for the DEFCON number to go to 3 or above.

        Woody is assessing the risks and will give the g0-ahead with the DEFCON rating. At that time he will also post instructions on ComputerWorld.

        4 users thanked author for this post.
    • #219043 Reply

      Da Boss

      No rest for the weary.

      No rest for the Wary?!

      3 users thanked author for this post.
      • #219059 Reply

        AskWoody Plus

        I imagine Woody is probably also woozy by now!

        1 user thanked author for this post.
    • #219679 Reply

      AskWoody Lounger

      “Which means I’m looking hard at the MS-DEFCON 2 setting” …

      Any update?


    • #219680 Reply

      AskWoody Lounger

      @woody:  Could you please tell me what this ALPC security hole CVE-2018-8440 is?  There are so many acronyms I don’t understand a lot of what is being said.   Thank you, as always, for all you do for us!   It is sincerely appreciated and a Major accomplishment.     🙂

      • #219849 Reply

        AskWoody Plus

        I looked up ALPC on Google and it’s very technical and has to do with wide area networks, etc. (my understanding).  Too technical for me but you might want to give it a try.

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

      • #220082 Reply

        rc primak

        This has to do with the Windows Task Manager and related scheduled tasks.

        ALPC class

        “This class is the parent class for advanced local procedure call events.”

        Windows Internals Guide

        The Client/Server Model


        ALPC can refer to the ALPC Class in the Microsoft Docs example, or Asynchronous Local Procedure Call, which is more complicated to explain.

        The vulnerability is in the Windows Task Manager’s Advanced Local Procedure Call routines.

        Beyond this, I would have to defer to some of the real experts around here as to who would be most affected, and what the level of risk is. Woody doesn’t seem to think it’s much of a threat to non-business users, as long as we aren’t currently infected or compromised by something else.

        We remain at MS DEFCON-2, so now is not the time to patch for this issue.

        -- rc primak

    • #220588 Reply

      AskWoody Lounger

      I got hit with the network connectivity problem on my Win 7 Pro 64-bit machine.

      About five days ago, I installed the two updates from Sept 11 because Susan showed them as OK on her patch list page, but about two days ago started having internet connectivity issues on reboots.

      SO I uninstalled three or four items that “Installed Updates” were showing with September dates, and it seems I am now OK.

      Windows Updates is again showing me the same two items: KB 4457918 and KB 4457144.

      Obviously, I shall wait until Woody gives the all-clear.


    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: The Windows ALPC security hole CVE-2018-8440 is now readily exploitable

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.