What is the severity of CVE-2018-0816?

CVE-2018-0816 is classified as a critical elevation of privilege vulnerability.

How do I fix CVE-2018-0816?

To mitigate CVE-2018-0816, it is recommended to install the latest security updates provided by Microsoft for your affected Windows version.

Which versions of Windows are affected by CVE-2018-0816?

CVE-2018-0816 affects Microsoft Windows 7 SP1, 8.1, 10, various Windows Server versions, and RT 8.1.

Can exploitation of CVE-2018-0816 allow remote code execution?

No, CVE-2018-0816 allows for elevation of privilege, meaning it may enable a user to gain elevated access but not execute remote code.

Is there a workaround for CVE-2018-0816 if I cannot immediately patch?

The best workaround involves following security best practices and limiting user access to reduce the risk of exploitation until a patch can be applied.

Vulnerability/
CVE-2018-0816

high

14/3/2018

17/9/2024

CVE-2018-0816

First published: Wed Mar 14 2018(Updated: )

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817.

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Windows 10
Windows 10	=1511
Windows 10	=1607
Windows 10	=1703
Windows 10	=1709
Microsoft Windows 7	=sp1
Microsoft Windows
Microsoft Windows RT
Microsoft Windows Server	=sp2
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server
Microsoft Windows Server	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2016	=1709

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0816?
CVE-2018-0816 is classified as a critical elevation of privilege vulnerability.
How do I fix CVE-2018-0816?
To mitigate CVE-2018-0816, it is recommended to install the latest security updates provided by Microsoft for your affected Windows version.
Which versions of Windows are affected by CVE-2018-0816?
CVE-2018-0816 affects Microsoft Windows 7 SP1, 8.1, 10, various Windows Server versions, and RT 8.1.
Can exploitation of CVE-2018-0816 allow remote code execution?
No, CVE-2018-0816 allows for elevation of privilege, meaning it may enable a user to gain elevated access but not execute remote code.
Is there a workaround for CVE-2018-0816 if I cannot immediately patch?
The best workaround involves following security best practices and limiting user access to reduce the risk of exploitation until a patch can be applied.

agent/type
agent/severity
agent/author
agent/remedy
agent/description
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/microsoft
canonical/windows 10
version/windows 10/1511
version/windows 10/1607
version/windows 10/1703
version/windows 10/1709
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows
canonical/microsoft windows rt
canonical/microsoft windows server
version/microsoft windows server/sp2
version/microsoft windows server/r2-sp1
version/microsoft windows server/r2
canonical/microsoft windows server 2016
version/microsoft windows server 2016/1709