← back
CVE-2017-8543

CVE-2017-8543

CVSS 9.8 CRITICALEPSS 73.8%● KEVCWE-281
In short

Windows Search has a memory handling flaw that lets attackers run harmful code on your computer without you doing anything. This is extremely dangerous because it gives full control of your system to the attacker.

Technical detail

A memory corruption vulnerability in Windows Search allows remote code execution through improper object handling. An attacker can exploit this via crafted content (e.g., malicious files indexed by Search) to achieve arbitrary code execution with the privileges of the affected process, impacting all listed Windows versions from XP through Windows 10/Server 2016.

Summary generated and translated by AI from the official description.
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft Corporation · Microsoft Windows
public PoCs found1
githubgithub.com/americanhanko/windows-security-cve-2017-85430
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8543http://www.securityfocus.com/bid/98824http://www.securitytracker.com/id/1038667