vulnerability
Microsoft CVE-2018-8546: Microsoft Skype for Business Denial of Service Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Nov 13, 2018 | Nov 13, 2018 | Dec 31, 2018 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Nov 13, 2018
Added
Nov 13, 2018
Modified
Dec 31, 2018
Description
A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights.
For an attack to be successful, this vulnerability requires that a user sends a number of emojis in the affected version of Skype for Business.
The security update addresses the vulnerability by correcting how Skype for Business handles emojis.
Solutions
msft-kb4461487-0e08f9c1-02b8-4edf-976a-6fe47702d8fcmsft-kb4461487-1bc5dd48-cccb-4e39-88ed-678e1ddbb400
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.