PT-2018-2037 · Microsoft · Windows Server 2019+3

Wayne Low · Published 2018-12-11 · Updated 2019-01-04 · CVE-2018-8612

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Windows Server 2016
Windows 10
Windows Server 2019
Windows 10 Servers

Description

A denial-of-service issue exists because the Connected User Experiences and Telemetry Service fails to validate certain function values. A local attacker can exploit this with a specially crafted application to cause a denial of service and disrupt the system. The vulnerability is related to improper handling of objects in memory.

Recommendations

For Windows Server 2016, Windows 10, Windows Server 2019 and Windows 10 Servers, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Connected User Experiences and Telemetry Service to minimize the risk of exploitation.

Fix

DoS

RCE

Improper Resource Release


Weakness Enumeration

Related Identifiers

BDU:2018-01653
CVE-2018-8612

Affected Products

Windows
Windows 10
Windows Server 2016
Windows Server 2019