|
|
|||
| Rule General Information |
|---|
| Release Date: | 2017-12-12 | |
| Rule Name: | Microsoft Windows Search Heap Buffer Overflow Vulnerability - 2 (CVE-2017-8543) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". | |
| Impact: | A heap buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:98824 SecurityTrackerID:1038667 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543 |
|
| Solutions |
|---|
| Apply the patch Windows KB4022719 to eliminate this problem. |