This vulnerability has been assigned the following Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-8174. A denial of service (DoS) vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. As a result, an attacker is able to craft a specially-formatted request that, when processed by a vulnerable Windows system, may cause the system to stop responding. This may occur when Windows attempts to process a specially-formatted request (e.g., DNS amplification, email, or instant messaging) and fails to validate the request. An attacker may leverage this vulnerability to create a denial of service (DoS) condition by sending a specially-formatted request that is processed by a vulnerable Windows system, causing the system to stop responding to legitimate requests. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket. End users can reduce risk by applying the security update.

What is the Kerberos DoS Vulnerability?

This DoS vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-8174. An attacker can use this vulnerability to cause a denial of service condition by sending specially-formatted requests that are processed by a vulnerable Windows system. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket. End users can reduce risk by applying the security update.

Vulnerability Details

CVE ID: CVE-2018-8174
Affected Products: Windows 10, Windows Server 2016, Windows 10 Servers (x86)
Type: Denial of Service
Summary: A denial of service vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. As a result, an attacker is able to craft a specially-formatted request that, when processed by a vulnerable Windows system, may cause the system to stop responding. This may occur when Windows attempts to process a specially-formatted request (e.g., DNS amplification, email, or instant messaging) and fails to validate the request. An attacker may leverage this vulnerability to create a denial of service condition by sending a specially-formatted request that is processed by a vulnerable Windows system, causing the system to stop responding to legitimate requests. The update addresses the vulnerability by correcting how Windows validates the last-minute check on a ticket. End users can reduce risk by applying the security update.

Overview of the Vulnerability

A denial of service (DoS) vulnerability exists in Windows when Kerberos fails to perform the last-minute check on a ticket. The update addresses this vulnerability by correcting how Windows validates the last-minute check on a ticket.

Symptoms of the Vulnerability

The vulnerability may cause the system to stop responding when a specially-formatted request (e.g., DNS amplification, email, or instant messaging) is processed by Windows. An attacker may leverage this to create a denial of service (DoS) condition by sending a specially-formatted request that is processed by a vulnerable Windows system and causing the system to stop responding to legitimate requests.

Timeline

Published on: 04/15/2022 19:15:00 UTC
Last modified on: 04/22/2022 18:30:00 UTC
