virus logo Intrusion Prevention

MS.Windows.GDI.EMR_HEADER.Information.Disclosure

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in Microsoft Windows.
The vulnerability is due to an error in the application when handling a crafted file. A remote attacker can exploit this to gain unauthorized access to sensitive information, via a crafted file.

affected-products-logoAffected Products

Microsoft Windows Server version 1803
Microsoft Windows Server version 1709
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows RT 8.1
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8595

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-07 14.544 Default_action:pass:drop
2019-01-10 14.521
ID 47318
Created Jan 11, 2019
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2018-8595
Exploit Prediction Score 7.48%
Default Action drop
Active
Affected OS Windows
Affected App Other