Improper input validation in Windows and Windows Server - CVE-2010-1885
Published: January 3, 2017 / Updated: November 20, 2020
Vulnerability identifier: #VU3086
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2010-1885
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Microsoft
Affected software:
Windows
Windows Server
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an error when parsing URLs within Microsoft Help and Support Center. A remote attacker can create a specially crafted hcp:// URL, trick the victim into clicking on it and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in compromise of vulnerable system.
Note: this vulnerability is being actively exploited.
How to mitigate CVE-2010-1885
Install updates from Microsoft website.