Cisco Blogs

Vulnerability Spotlight: Windows 10 Remote Denial of Service

November 2, 2016 - 3 Comments

Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS.

An attacker can craft a malicious portable executable file, which if accessed causes AHCACHE.SYS to attempt to access out of scope memory. This triggers a bugcheck in the Windows kernel causing the system to crash, denying service to the user. Although AHCACHE.SYS is the driver that handles local cache compatibility information, if the vulnerability is exploited the attacker is unable to execute code or elevate user privileges.

<<Read More>>


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Thank you for the info. I hope the vulnerability has been corrected on major windows 10 out there. We need to take it to the social networks so that users, administrators can aware. Thanks

    • Thanks for the comment. Our disclosures always comply with Cisco’s responsible disclosure policy. This particular vulnerability was patched in MS’s September patch Tuesday.

  2. We see many remote code execution vulnerabilities and as usual