Endpoint Vulnerability

Microsoft: CredSSP Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in the Credential Security Support Provider protocol (CredSSP). An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute code on the target system.

Affected Products

Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation),Windows Server, version 1803 (Server Core Installation)

References

CVE-2018-0886,