PT-2018-9041 · Microsoft · Windows 7+4

Published

2018-01-03

Updated

2020-08-24

CVE-2018-0741

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows 7 SP1 Windows Server 2008 SP2 Windows Server 2008 R2 SP1

Description The issue is related to the way objects are handled in memory by the Color Management Module (Icm32.dll), allowing an information disclosure. This could enable attackers to obtain sensitive information and potentially affect the system.

Recommendations For Windows 7 SP1, update to a version that includes the fix for the Microsoft Color Management Information Disclosure issue. For Windows Server 2008 SP2, apply the necessary patch to resolve the information disclosure vulnerability. For Windows Server 2008 R2 SP1, install the update that addresses the Color Management Module issue to prevent information disclosure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-0741

Affected Products

Icm32.Dll

Windows

Windows 7

Windows Server 2008

Windows Server 2008 R2

PT-2018-9041 · Microsoft · Windows 7+4

CVE-2018-0741

Related Identifiers

Affected Products

References · 7