Zero-day vulnerability in Windows

Buffer overflow

Vulnerability details

Advisory: SB2017061407 - Remote code execution in Windows Search service

Vulnerable component: Windows

CVE-ID: CVE-2017-8543

CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer


The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when Windows Search handles objects in memory. A remote unauthenticated attacker can send specially crafted messages to the Windows Search service and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: this vulnerability is being actively exploited in the wild.

Latest references in media:

- Critical Windows Search and Hyper-V Vulnerabilities Tackled by AugustтАЩs Patch Tuesday [2017-08-09 17:51:16]

- Plenty to Patch as Microsoft and Adobe Fix 115 Vulnerabilities [2017-08-09 11:30:03]

- Microsoft Patches Windows Search Flaw Exploited in Attacks [2017-08-08 21:21:17]

- Microsoft Patches Windows XP Again As Part of June Patch Tuesday [2017-06-20 08:20:13]

- Microsoft Patches Windows XP Again As Part of June Patch Tuesday [2017-06-15 02:20:07]

- Microsoft Patches Critical Vulnerabilities Exploited By Stolen NSA Tools [2017-06-14 17:30:03]

- June 2017 – Microsoft Patch Tuesday [2017-06-14 17:00:24]

- Update Now! Critical Microsoft and Adobe Security Flaws You Need to Patch this Month [2017-06-14 12:30:02]

- Microsoft Extends Patch Tuesday to Outdated Platforms [2017-06-14 11:20:27]

- Windows XP Receives Patches for More 'Shadow Brokers' Exploits [2017-06-14 11:10:36]

- Microsoft patches two critical remote code execution (RCE) flaws that have been exploited in attacks [2017-06-14 08:00:26]

- Microsoft's June Patch Tuesday Fixes Two Vulnerabilities Used in Live Attacks [2017-06-14 02:10:59]

- It's June of 2017, and Microsoft is still patching Windows XP [2017-06-14 00:40:01]

- Microsoft Issues Windows XP Security Updates for Previously Ignored NSA Hacking Tools [2017-06-13 22:51:13]

- Microsoft Patches Two Critical Vulnerabilities Under Attack [2017-06-13 22:30:32]

- Microsoft, Adobe Ship Critical Fixes [2017-06-13 22:00:47]

- Microsoft Patches Windows Flaws Exploited in Attacks [2017-06-13 21:10:09]

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.