Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability

Bugtraq ID:	105016
Class:	Design Error
CVE:	CVE-2018-8414
Remote:	Yes
Local:	No
Published:	Aug 14 2018 12:00AM
Updated:	Aug 16 2018 04:00AM
Credit:	Matt Nelson (@enigma0x3) of SpecterOps
Vulnerable:	Microsoft Windows Server 1803 0 Microsoft Windows Server 1709 0 Microsoft Windows 10 Version 1803 for x64-based Systems 0 Microsoft Windows 10 Version 1803 for 32-bit Systems 0 Microsoft Windows 10 version 1709 for x64-based Systems 0 Microsoft Windows 10 version 1709 for 32-bit Systems 0 Microsoft Windows 10 version 1703 for x64-based Systems 0 Microsoft Windows 10 version 1703 for 32-bit Systems 0
Not Vulnerable:

Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability

Reports indicate that this issue is being exploited in the wild. Please see the references for more information.

Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability

References:

• Microsoft Homepage (Microsoft)
  
• Microsoft Windows Homepage (Microsoft )
  
• CVE-2018-8414 | Windows Shell Remote Code Execution Vulnerability (Microsoft)