CVE-2018-8251

Name of the Vulnerable Software and Affected Versions Windows Media Foundation versions (affected versions not specified) Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description A memory corruption issue exists due to improper handling of objects in memory by Windows Media Foundation. This can be exploited by remote attackers to execute arbitrary code using a specially crafted file or web page.

Recommendations For Windows 7, update to a newer version to mitigate the risk. For Windows Server 2012 R2, apply configuration changes to restrict access to vulnerable components. For Windows RT 8.1, disable the use of specially crafted files until a patch is available. For Windows Server 2012, restrict access to the Media Foundation component to minimize the risk of exploitation. For Windows 8.1, avoid using vulnerable API endpoints until the issue is resolved. For Windows Server 2016, consider disabling the Media Foundation component temporarily as a workaround. For Windows Server 2008 R2, update to a newer version to mitigate the risk. For Windows 10, apply configuration changes to restrict access to vulnerable components. For Windows 10 Servers, restrict access to the Media Foundation component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.