vulnerability

Microsoft Windows: CVE-2018-8231: HTTP Protocol Stack Remote Code Execution Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jun 12, 2018	Jun 12, 2018	Sep 5, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jun 12, 2018

Added

Jun 12, 2018

Modified

Sep 5, 2025

Description

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Solutions

microsoft-windows-windows_10-1507-kb4284860microsoft-windows-windows_10-1607-kb4284880microsoft-windows-windows_10-1703-kb4284874microsoft-windows-windows_10-1709-kb4284819microsoft-windows-windows_10-1803-kb4284835microsoft-windows-windows_server_2016-1607-kb4284880

References

BID-104373
CVE-2018-8231
https://attackerkb.com/topics/CVE-2018-8231
https://support.microsoft.com/help/4284819
https://support.microsoft.com/help/4284835
https://support.microsoft.com/help/4284860
https://support.microsoft.com/help/4284874
https://support.microsoft.com/help/4284880

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report