Denial of service when processing SMB requests in Microsoft Windows

Published: 2018-09-13 18:52:27
Severity Medium
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-8335
Exploitation vector Network
Public exploit N/A
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 10
Windows RT 8.1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Vendor URL Microsoft

Security Advisory

1) Input validation error


The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing SMB requests. A remote non-authenticated attacker can send a specially crafted SMB request to the affected system and make the system to stop accepting further SMB requests, triggering a denial of service condition.


Install updates from vendor's website.

External links

Back to List