1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Windows Shell CVE-2018-8495

Web Attack: Microsoft Windows Shell CVE-2018-8495

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Additional Information

Microsoft Windows is prone to a remote code-execution vulnerability. Specifically, this issue occurs when the windows Shell improperly handles URIs.

An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Affected

  • Windows Server 2016, Windows 10, Windows 10 Servers.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube