Unrated severityCISA KEVNVD Advisory· Published Nov 14, 2018· Updated Oct 21, 2025

CVE-2018-8589

Description

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Affected products

Microsoft/Windows Server 2008v5
Range: 32-bit Systems Service Pack 2
Microsoft/Windows 7v5
Range: 32-bit Systems Service Pack 1
Microsoft/Windows Server 2008 R2v5
Range: Itanium-Based Systems Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105796mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1042140mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.040
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000