![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
The Windows ALPC security hole CVE-2018-8440 is now readily exploitable
Home › Forums › AskWoody blog › The Windows ALPC security hole CVE-2018-8440 is now readily exploitable
Tagged: ALPC, CVE-2018-8440, September 2018 Black Tuesday
This topic contains 9 replies, has 9 voices, and was last updated by
glnz 4 months, 2 weeks ago.-
AuthorPosts
-
One of this month’s security patches has taken on a more prominent position. CVE-2018-8440 — the ALPC privilege escalation bug — has just been added
[See the full post at: The Windows ALPC security hole CVE-2018-8440 is now readily exploitable]2 users thanked author for this post.
-
anonymousShould the win 7/8.1 users go ahead install our security updates? The buggy Win10 cumulative updates obviously don’t affect us.
-
No rest for the weary.
No rest for the Wary?!
3 users thanked author for this post.
-
“Which means I’m looking hard at the MS-DEFCON 2 setting” …
Any update?
Thanks.
-
@woody: Could you please tell me what this ALPC security hole CVE-2018-8440 is? There are so many acronyms I don’t understand a lot of what is being said. Thank you, as always, for all you do for us! It is sincerely appreciated and a Major accomplishment. 🙂
<h2></h2>-
I looked up ALPC on Google and it’s very technical and has to do with wide area networks, etc. (my understanding). Too technical for me but you might want to give it a try.
Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Group B
-
This reply was modified 4 months, 3 weeks ago by Charlie.
-
This reply was modified 4 months, 3 weeks ago by
-
This has to do with the Windows Task Manager and related scheduled tasks.
ALPC class
https://docs.microsoft.com/en-us/windows/desktop/etw/alpc
“This class is the parent class for advanced local procedure call events.”
Windows Internals Guide
The Client/Server Model
Introduction
https://community.tribelab.com/mod/book/view.php?id=628&chapterid=214
ALPC can refer to the ALPC Class in the Microsoft Docs example, or Asynchronous Local Procedure Call, which is more complicated to explain.
The vulnerability is in the Windows Task Manager’s Advanced Local Procedure Call routines.
Beyond this, I would have to defer to some of the real experts around here as to who would be most affected, and what the level of risk is. Woody doesn’t seem to think it’s much of a threat to non-business users, as long as we aren’t currently infected or compromised by something else.
We remain at MS DEFCON-2, so now is not the time to patch for this issue.
-- rc primak
-
This reply was modified 4 months, 3 weeks ago by rc primak.
-
This reply was modified 4 months, 3 weeks ago by
-
-
I got hit with the network connectivity problem on my Win 7 Pro 64-bit machine.
About five days ago, I installed the two updates from Sept 11 because Susan showed them as OK on her patch list page, but about two days ago started having internet connectivity issues on reboots.
SO I uninstalled three or four items that “Installed Updates” were showing with September dates, and it seems I am now OK.
Windows Updates is again showing me the same two items: KB 4457918 and KB 4457144.
Obviously, I shall wait until Woody gives the all-clear.
Thanks.
-
AuthorPosts
Comments are closed.
-
-
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced.

Plus Membership
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search The Lounge
Recent Replies
-
OscarCP on Verizon FIOS upload speed45 minutes ago
-
Morty on Woody’s Windows Watch: Dispatches from the browser-war’s front lines1 hour, 47 minutes ago
-
Ascaris on Woody’s Windows Watch: Dispatches from the browser-war’s front lines2 hours, 48 minutes ago
-
Peter Haug on Woody’s Windows Watch: Dispatches from the browser-war’s front lines3 hours, 10 minutes ago
-
PerthMike on Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it3 hours, 42 minutes ago
-
Bluetrix on Anomalous, buggy behavior on AskWoody4 hours, 2 minutes ago
-
PKCano on Win10.1809 repair / in-place upgrade failure4 hours, 3 minutes ago
-
Ascaris on LangList: Should you trust a hard drive after a major error?4 hours, 54 minutes ago
-
OscarCP on Woody’s Windows Watch: Dispatches from the browser-war’s front lines5 hours, 15 minutes ago
-
OscarCP on Tell me the truth – Which is better, Chrome or Firefox?5 hours, 25 minutes ago
-
OscarCP on Cimpanu: The US Govt Accountability Office recommends the US adopt GDPR-like privacy legislation5 hours, 43 minutes ago
-
OscarCP on How many Internet domains own MS, Google, Apple, Amazon? Try tens of millions5 hours, 55 minutes ago
-
deuce120 on LangList: Should you trust a hard drive after a major error?6 hours ago
-
Woody Lounger on This is a test topic from a Lounger6 hours, 3 minutes ago
-
woody on Anomalous, buggy behavior on AskWoody6 hours, 12 minutes ago
-
mn– on LangList: Should you trust a hard drive after a major error?6 hours, 13 minutes ago
-
deuce120 on Woody’s Windows Watch: Dispatches from the browser-war’s front lines6 hours, 14 minutes ago
-
Sueska on Woody’s Windows Watch: Dispatches from the browser-war’s front lines6 hours, 15 minutes ago
-
woody on Anomalous, buggy behavior on AskWoody6 hours, 28 minutes ago
-
Mele20 on Cimpanu: The US Govt Accountability Office recommends the US adopt GDPR-like privacy legislation6 hours, 28 minutes ago
Recent Topics
-
Edge is NOT just Win 10
2 hours, 10 minutes ago
-
Verizon FIOS upload speed
45 minutes ago
-
Win10.1809 repair / in-place upgrade failure
4 hours, 3 minutes ago
-
Unable to run a command in Linux Mint
4 hours, 32 minutes ago
-
Extra system files?
8 hours, 7 minutes ago
-
Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it
3 hours, 42 minutes ago
-
Whatever happened to Opera?
7 hours, 46 minutes ago
-
win 10 backup failure 0x800700E1
7 hours, 36 minutes ago
-
Win 7 to Win 10: 1803 or 1809 or 1903?
9 hours, 48 minutes ago
-
Windows 8.1 Post Patch Maintenance
14 hours, 48 minutes ago
Search for Topics
Recent blog posts
- Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it
- Woody’s Windows Watch: Dispatches from the browser-war’s front lines
- LangList: Should you trust a hard drive after a major error?
- Patch Watch: February Patch Tuesday and yet more problems with the new Japanese calendar
- Deanna’s Freeware Spotlight: MultiPack Visual C+ Installer