CVE-2017-20190

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 8 through 11

Description The issue concerns a temporary client-side performance degradation that occurs when processing multiple Unicode combining characters, also known as a "Zalgo text" attack. This affects the processing of Unicode data. There is a dispute among third parties regarding whether the computational cost of interpreting Unicode data should be considered a vulnerability.

Recommendations For Microsoft Windows versions 8 through 11, consider restricting the processing of multiple Unicode combining characters to minimize the risk of temporary performance degradation. As a temporary workaround, avoid using sequences of Unicode combining characters in client-side applications until a more robust solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.