vulnerability

Microsoft Windows: CVE-2018-8495: Windows Shell Remote Code Execution Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	Oct 9, 2018	Oct 9, 2018	Sep 5, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

Oct 9, 2018

Added

Oct 9, 2018

Modified

Sep 5, 2025

Description

A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Solutions

microsoft-windows-windows_10-1607-kb4462917microsoft-windows-windows_10-1703-kb4462937microsoft-windows-windows_10-1709-kb4462918microsoft-windows-windows_10-1803-kb4462919microsoft-windows-windows_server_2016-1607-kb4462917

References

BID-105461
CVE-2018-8495
https://attackerkb.com/topics/CVE-2018-8495
CWE-22
URL-https://support.microsoft.com/help/4462917
URL-https://support.microsoft.com/help/4462918
URL-https://support.microsoft.com/help/4462919
URL-https://support.microsoft.com/help/4462937

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today