CVE-2018-8506

Name of the Vulnerable Software and Affected Versions Microsoft Windows Codecs Library (affected versions not specified) Windows 10 Windows 10 Servers Windows Server 2019

Description The issue is related to an Information Disclosure vulnerability in the way that Microsoft Windows Codecs Library handles objects in memory. This vulnerability can be exploited by attackers to obtain sensitive information using a specially crafted image file.

Recommendations For Windows 10, consider restricting access to the Windows Codecs Library until a patch is available. For Windows 10 Servers, restrict the use of specially crafted image files to minimize the risk of exploitation. For Windows Server 2019, avoid using the Windows Codecs Library with untrusted image files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.