MS.Windows.GDI.EMR_NAMEDESCAPE.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in Microsoft Windows.
The vulnerability is due to an error in the application when handling a crafted file. A remote attacker can exploit this to gain unauthorized access to sensitive information, via a crafted file.
Affected Products
Microsoft Windows Server 2019
Microsoft Windows Server version 1709
Microsoft Windows Server version 1803
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8596
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |