CVE-2018-8349

Name of the Vulnerable Software and Affected Versions Microsoft COM for Windows versions prior to the fixed version Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description A remote code execution issue exists due to the improper handling of serialized objects. This allows remote attackers to execute arbitrary code and affect the system. The vulnerability is related to the restoration of an untrusted data structure in memory.

Recommendations For Windows 7, apply the necessary patch to fix the issue. For Windows Server 2012 R2, apply the necessary patch to fix the issue. For Windows RT 8.1, apply the necessary patch to fix the issue. For Windows Server 2008, apply the necessary patch to fix the issue. For Windows Server 2012, apply the necessary patch to fix the issue. For Windows 8.1, apply the necessary patch to fix the issue. For Windows Server 2016, apply the necessary patch to fix the issue. For Windows Server 2008 R2, apply the necessary patch to fix the issue. For Windows 10, apply the necessary patch to fix the issue. For Windows 10 Servers, apply the necessary patch to fix the issue. As a temporary workaround, consider restricting access to the Microsoft COM for Windows component until a patch is available.