CVE-2018-8256

Name of the Vulnerable Software and Affected Versions Windows RT 8.1 PowerShell Core versions 6.0 through 6.1 Microsoft.PowerShell.Archive version 1.2.2.0 Windows Server versions 2008 R2 through 2019 Windows 7 Windows 8.1 Windows 10 Windows 10 Servers

Description A remote code execution issue exists due to improper handling of specially crafted files by PowerShell. This allows remote attackers to execute arbitrary code on the system. The vulnerability is related to errors in processing objects in memory, which can be exploited by using a specially crafted file.

Recommendations For Windows RT 8.1, update to a newer version that contains a fix for this issue. For PowerShell Core versions 6.0 through 6.1, update to a newer version that contains a fix for this issue. For Microsoft.PowerShell.Archive version 1.2.2.0, update to a newer version that contains a fix for this issue. For Windows Server versions 2008 R2 through 2019, update to a newer version that contains a fix for this issue. For Windows 7, Windows 8.1, Windows 10, and Windows 10 Servers, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to PowerShell until a patch is available.