virus logo Intrusion Prevention

MS.Windows.File.Handling.Component.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Windows.
The vulnerability results from lack of path restriction while processing Batch files. An attacker can exploit this by tricking an unsuspecting user into opening a file from a directory and execute arbitrary code within the context of currently logged in users.

affected-products-logoAffected Products

Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary code within the context of the currently logged in users.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/en-us/security/bulletin/ms14-019

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 38323
Created Apr 28, 2014
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2014-0315
Exploit Prediction Score 97.04%
Default Action drop
Active
Affected OS Windows
Affected App Other