First published: Mon Feb 26 2018(Updated: )
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 7 | ||
Microsoft Windows 8 | ||
Microsoft Windows 8.1 | ||
Microsoft Windows Vista | ||
Tivo Safedisc |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-7249 is a vulnerability in the secdrv.sys driver as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc.
CVE-2018-7249 can cause a use-after-free vulnerability in the secdrv.sys driver, which when exploited, can lead to arbitrary code execution and possibly result in privilege escalation.
CVE-2018-7249 has a severity rating of 7 (high).
Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 (before KB3086255) are affected by CVE-2018-7249. Tivo Safedisc is also affected.
Apply the relevant security update provided by Microsoft (KB3086255) to fix the vulnerability. Additionally, consider disabling the secdrv.sys driver if not needed.