Intrusion Prevention

MS.RPC.UTC.DoS

Description

This indicates an attack attempt to exploit a denial of service vulnerability in Microsoft Windows Universal Telemetry Client (UTC).
The vulnerability is due to an insufficient validation on user input when the attacker sent malicious RPC request. Any unprivileged user is allowed to terminate UTC service upon successful exploitation of the vulnerability.

Affected Products

Microsoft Windows 10 (32-bit editions)
Microsoft Windows 10 (64-bit editions)

Impact

System Compromise: Local authenticated attackers can cause denial of service

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8612

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Detail
2018-12-28	13.515	Default_action:pass:drop
2018-11-23	13.497

ID	47123
Created	Nov 23, 2018
Updated	May 02, 2022
Risk
CVE ID
Default Action	drop
Active
Affected OS	Windows
Affected App	Other