An exploitable heap corruption exists in the LoadIntegrityInfo function of wimgapi version 10.0.16299.15 (WinBuild.160101.0800). A crafted WIM image can lead to a heap corruption, resulting in direct code execution.
This vulnerability is present in the
wimgapi DLL, which is used for performing operations on Windows Imaging Forma (WIM) files. WIM is a file-based disk image format created by Microsoft to simplify the deployment of Windows systems. There is a vulnerability in the LoadIntegrityInfo function that manifests during the parsing of the WIM file header. A specially crafted WIM file can lead to a heap corruption and remote code execution. The vulnerability triggers even on the simplest operations performed on malformed WIM file because its related to file header parsing.
Discovered by Marcin ‘Icewall’ Noga of Cisco Talos.
Further details and updates – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8210
Duncan is a technology professional with over 20 years experience of working in various IT roles. He also has a wide range of other skills in radio, electronics and telecommunications.