Is CVE-2018-0840 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Corporation Edge, Chakracore, Internet Explorer

CVE-2018-0840

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…

EPSS: 0.797 (99.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Corporation Edge, Chakracore, Internet Explorer — versions Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0840 (x_refsource_CONFIRM)
44077 (exploit, x_refsource_EXPLOIT-DB)
1040372 (vdb-entry, x_refsource_SECTRACK)
1040369 (vdb-entry, x_refsource_SECTRACK)
102886 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-0840?: CVE-2018-0840 is a vulnerability in Microsoft Corporation Edge, Chakracore, Internet Explorer. Published 2018-02-15.
Is CVE-2018-0840 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.