SMB: Microsoft Windows Search Type Confusion

A remote code execution vulnerability has been reported in the Windows Search service of Microsoft Windows. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system. Successful exploitation results in arbitrary code execution under the context of SYSTEM.

Extended Description

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 is affected by a remote code execution vulnerability caused by improper handling of objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Affected Products

Microsoft windows_server_2016

References

BugTraq: 100034 101114

CVE: CVE-2017-11771

Short Name: SMB:MICROSOFT-WS-TYPECONFUSION

Severity: Major

Recommended: True

Recommended Action: Drop

Category: SMB

Keywords: CVE-2017-11771 CVE-2017-8620 Confusion Microsoft Search Type Windows bid:100034 bid:101114

Release Date: 08/29/2017

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3590

False Positive: Unknown

Vendors

Microsoft

CVSS Score

9.3

10.0
