fr en

KEV · Actively exploited

CVE-2018-8174

CRITICAL 7.5 KEV Published on 2018-05-08

Windows VBScript Engine Remote Code Execution Vulnerability

EPSS 94.28% exploit likely percentile 99.9%

CISA Known Exploited Vulnerability

Added to KEV: 2022-02-15
Remediation deadline: 2022-08-15
Required action: Apply updates per vendor instructions.
Ransomware: Yes, known ransomware campaign

OS versions that fix this CVE

This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.

Windows Fixed in Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 1803 · 2018-03 Windows 10 1709 · 2017-09 Windows 10 1703 · 2017-03 Windows 10 1607 · 2016-07

View on NVD ↗ CISA KEV catalog ↗