CVE-2018-8415

Name of the Vulnerable Software and Affected Versions PowerShell Core versions 6.0 through 6.1 Windows 7 Windows 8.1 Windows 10 Windows RT 8.1 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019

Description A tampering issue exists that could allow an attacker to execute unlogged code. This is related to errors in processing objects in memory, which may enable a remote attacker to elevate privileges and execute arbitrary code using a specially crafted application.

Recommendations For PowerShell Core versions 6.0 through 6.1, update to a version that includes the fix for this issue. For Windows 7, Windows 8.1, Windows 10, Windows RT 8.1, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019, apply the necessary patches or updates to resolve the issue. As a temporary workaround, consider restricting the use of PowerShell until a patch is available.