Avatar

Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS.

An attacker can craft a malicious portable executable file, which if accessed causes AHCACHE.SYS to attempt to access out of scope memory. This triggers a bugcheck in the Windows kernel causing the system to crash, denying service to the user. Although AHCACHE.SYS is the driver that handles local cache compatibility information, if the vulnerability is exploited the attacker is unable to execute code or elevate user privileges.

<<Read More>>



Authors

Talos Group

Talos Security Intelligence & Research Group