This vulnerability has been assigned the following Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-8174. A denial of service (DoS) vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. As a result, an attacker is able to craft a specially-formatted request that, when processed by a vulnerable Windows system, may cause the system to stop responding. This may occur when Windows attempts to process a specially-formatted request (e.g., DNS amplification, email, or instant messaging) and fails to validate the request. An attacker may leverage this vulnerability to create a denial of service (DoS) condition by sending a specially-formatted request that is processed by a vulnerable Windows system, causing the system to stop responding to legitimate requests. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket. End users can reduce risk by applying the security update.
What is the Kerberos DoS Vulnerability?
This DoS vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-8174. An attacker can use this vulnerability to cause a denial of service condition by sending specially-formatted requests that are processed by a vulnerable Windows system. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket. End users can reduce risk by applying the security update.
Vulnerability Details
CVE ID: CVE-2018-8174
Affected Products: Windows 10, Windows Server 2016, Windows 10 Servers (x86)
Type: Denial of Service
Summary: A denial of service vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket.
Overview of the Vulnerability
A denial of service (DoS) vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. The update addresses this vulnerability by correcting how Windows validates the last-minute check on a ticket.
Symptoms of the Vulnerability
The vulnerability may cause the system to stop responding when a specially-formatted request (e.g., DNS amplification, email, or instant messaging) is processed by Windows. An attacker may leverage this to create a denial of service (DoS) condition by sending a specially-formatted request to a vulnerable Windows system, causing the system to stop responding to legitimate requests.
Timeline
Published on: 04/15/2022 19:15:00 UTC
Last modified on: 04/22/2022 18:30:00 UTC