Microsoft Windows Saved Search Remote Code Execution Vulnerability
Date Discovered:
07/08/2008
Severity:
Medium
Operating Systems Affected:
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Microsoft Windows Server 2008 x64-based Systems
Microsoft Windows Server 2008 Itanium-based Systems
Synopsis
A remote code execution vulnerability exists when saving a specially crafted search file within Windows Explorer. This operation causes Windows Explorer to exit and restart in an exploitable manner.
Windows Search is a standard component of Windows Vista and Windows Server 2008 that is enabled by default. It provides instant search capabilities for most common file and data types, such as e-mail, contacts, calendar appointments, documents, photos, multimedia, and other formats extended by third parties.
A remote code execution vulnerability exists when saving a specially crafted search file within Windows Explorer. Windows Explorer does not correctly parse search files when saving them. This vulnerability requires that a user open and save a specially crafted saved-search file with an affected version of Windows Explorer.
An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.