CVE-2018-8423

Name of the Vulnerable Software and Affected Versions Microsoft JET Database Engine (affected versions not specified) Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2019 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description A remote code execution issue exists due to insufficient input validation in the Microsoft JET Database Engine. This allows an attacker to execute arbitrary code and gain control of the vulnerable system by using a specially crafted file. The vulnerability can be exploited by remote attackers, affecting the system.

Recommendations For Windows 7, consider applying the recommended security updates. For Windows Server 2012 R2, apply the latest security patches. For Windows RT 8.1, restrict access to the JET Database Engine until a fix is available. For Windows Server 2008, update to the latest service pack. For Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers, apply the relevant security updates from Microsoft. As a temporary workaround, consider disabling the JET Database Engine functionality until a patch is available. Restrict access to the vulnerable system to minimize the risk of exploitation.