Please see Issue #1922https://github.com/CISecurity/OVALRepo/issues/1922 from the CISecurity OVAL Repo: Incorrect DLL referenced in CVE-2018-0886 for all Windows Versions
Submitted by https://github.com/t3sl45. The text is as follows:
Hello, I'm using the latest OVAL file to scan for CVE-2018-0886 for "CredSSP Remote Code Execution Vulnerability", I've attached the section of the file containing this vulnerability below.
The issue is that Microsoft indicates that credssp.dll is not the file that was updated, the file updated is tspkg.dll. This can be found here (https://support.microsoft.com/en-us/topic/credssp-updates-for-cve-2018-0886-5cbf9e5f-dc6d-744f-9e97-7ba400d6d3ea).
Can this be looked at?
CVE-2018-0886.txt
Thank you!
Jan Cooper
Sr. Software Engineer - Optimus
31 Tech Valley Drive
East Greenbush, NY 12061
Jan.Cooper@cisecurity.org<mailto:Jan.Cooper@cisecurity.org>
518-516-3083
[signature_1336986160]https://www.cisecurity.org/
[signature_446125074] https://www.linkedin.com/company/the-center-for-internet-security/ [signature_1797773547] https://twitter.com/CISecurity [signature_2131813201] https://www.facebook.com/CenterforIntSec [signature_1949181898] https://www.youtube.com/user/TheCISecurity [signature_264086150] https://www.instagram.com/cisecurity
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.