CVE-2018-8589

A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system. Vendor/Product: Microsoft Win32k. Added to CISA KEV 2022-05-23; required action: Apply updates per vendor instructions.