Published: 08/08/2017 Updated: 20/03/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1511
microsoft windows server 2008 r2
microsoft windows server 2012 -
microsoft windows server 2012 r2
microsoft windows server 2016 -
microsoft windows 10 1703
microsoft windows 7 -
microsoft windows 8.1 -
microsoft windows rt 8.1 -
microsoft windows 10 -
microsoft windows 10 1607
microsoft windows server 2008 -

It's 2017 and Hyper-V can be pwned by a guest app, Windows by a search query, Office by...

The Register • Shaun Nichols in San Francisco • 08 Aug 2017

Update IE, Edge, Windows, SQL Server, Office and – of course – Flash

Patch Tuesday Microsoft has released the August edition of its Patch Tuesday update to address security holes in multiple products. Folks are urged to install the fixes as soon as possible before they are exploited. Among the flaws are remote code execution holes in Windows, Internet Explorer/Edge and Flash Player, plus a guest escape in Hyper-V. Of the 48 patches issued by Redmond, 25 are rated as critical security risks. Those 25 critical issues include a remote code execution vulnerability fo...

CVE-2017-8620

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect