CVE-2018-6628 : Security Advisory and Response

Micropoint proactive defense software version 2.0.20266.0146 is vulnerable to a denial of service attack due to a driver file issue. Learn about the impact, technical details, and mitigation steps.

Understanding CVE-2018-6628

This CVE involves a vulnerability in Micropoint proactive defense software version 2.0.20266.0146 that can be exploited by local users.

What is CVE-2018-6628?

The driver file (mp110005.sys) in Micropoint proactive defense software version 2.0.20266.0146 allows local users to trigger a denial of service (BSOD) or potentially cause other unspecified consequences due to input value verification absence from IOCtl 0x8000010c.

The Impact of CVE-2018-6628

This vulnerability can lead to a denial of service (BSOD) or other unspecified impacts when exploited by local users.

Technical Details of CVE-2018-6628

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The driver file (mp110005.sys) in Micropoint proactive defense software version 2.0.20266.0146 lacks input value verification from IOCtl 0x8000010c, enabling local users to exploit it.

Affected Systems and Versions

Product: Micropoint proactive defense software
Vendor: Not applicable
Version: 2.0.20266.0146

Exploitation Mechanism

Local users can exploit this vulnerability by manipulating input values from IOCtl 0x8000010c.

Mitigation and Prevention

Protect your system from CVE-2018-6628 with these mitigation strategies.

Immediate Steps to Take

Disable unnecessary services to reduce attack surface
Implement the principle of least privilege for user accounts
Monitor system logs for unusual activities

Long-Term Security Practices

Regularly update software and apply security patches
Conduct security training for users to recognize and report suspicious activities

Patching and Updates

Ensure you apply the latest patches and updates provided by the software vendor to address this vulnerability.