CVE-2018-0877

Name of the Vulnerable Software and Affected Versions Windows 10 versions 1607 through 1709 Windows Server 2016 Windows Server, version 1709

Description The issue is related to the management of file paths in the Desktop Bridge Virtual File System (VFS), which can lead to an elevation of privilege. This is due to insufficient access control in the implementation of the Virtual File System. An attacker could exploit this issue by using a specially crafted application to gain elevated privileges.

Recommendations For Windows 10 versions 1607 through 1709, consider restricting access to the Desktop Bridge Virtual File System until a patch is available. For Windows Server 2016 and Windows Server, version 1709, restrict access to the Desktop Bridge Virtual File System to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.