First published: Wed Nov 14 2018(Updated: )
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Microsoft.powershell.archive | =1.2.2.0 | |
Microsoft Powershell Core | =6.0 | |
Microsoft Powershell Core | =6.1 | |
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT 8.1 | ||
Microsoft Windows Server 2008 | =r2-sp1 | |
Microsoft Windows Server 2008 | =r2-sp1 | |
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2016 | =1709 | |
Microsoft Windows Server 2016 | =1803 | |
Microsoft Windows Server 2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-8256 is a remote code execution vulnerability in Microsoft PowerShell.
CVE-2018-8256 affects Windows RT 8.1, PowerShell Core 6.0, and various versions of Windows 10, Windows 7, Windows 8.1, and Windows Server.
CVE-2018-8256 is classified as critical with a severity value of 8.8.
Apply the necessary security updates provided by Microsoft for the affected software versions.
You can find more information about CVE-2018-8256 on the Microsoft Security website.