Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability

Added Feb. 15, 2022 • Due Aug. 15, 2022 • CVE-2018-8174

Overdue Microsoft / Windows Known Ransomware Use CWE-787

Description

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"

Required Action

Apply updates per vendor instructions.

References

https://nvd.nist.gov/vuln/detail/CVE-2018-8174

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 6 months ago