CVE-2018-8420

Name of the Vulnerable Software and Affected Versions Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description A remote code execution issue exists due to insufficient input validation in the Microsoft XML Core Services MSXML parser. This allows a remote attacker to execute arbitrary code by processing specially crafted user input, potentially through a malicious web page. The vulnerability can be exploited to run malicious code, affecting the system.

Recommendations For Windows 7, apply the relevant security update to fix the issue. For Windows Server 2012 R2, apply the relevant security update to fix the issue. For Windows RT 8.1, apply the relevant security update to fix the issue. For Windows Server 2008, apply the relevant security update to fix the issue. For Windows Server 2012, apply the relevant security update to fix the issue. For Windows 8.1, apply the relevant security update to fix the issue. For Windows Server 2016, apply the relevant security update to fix the issue. For Windows Server 2008 R2, apply the relevant security update to fix the issue. For Windows 10, apply the relevant security update to fix the issue. For Windows 10 Servers, apply the relevant security update to fix the issue. As a temporary workaround, consider restricting access to the MSXML parser until a patch is available.