Check Point Advisories

Workaround for Microsoft Windows Saved Search Remote Code Execution Vulnerability (MS08-075)

Check Point Reference: SBP-2008-14
Date Published: 9 Dec 2008
Severity: High
Last Updated: Tuesday 01 January, 2008
Source: Microsoft Security Bulletin MS08-075
Industry Reference:CVE-2008-4268
Protection Provided by:
Who is Vulnerable? Windows Vista
Windows Vista SP1
Windows Vista x64 Edition
Windows Vista x64 Edition SP1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 (Itanium)
Vulnerability Description A remote code execution vulnerability was reported in the way Windows Explorer saves specially crafted search files. Windows Search is a standard component of Windows Vista that allows instant search capabilities for most common file and data types. Windows Search has XML-based files that save information about a search in Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system via a specially crafted search file.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS08-075
Vulnerability DetailsThe vulnerability is due to an error in Windows Explorer that does not correctly free memory when saving Windows Search files. A remote attacker can exploit this issue by persuading the victim to open and save a specially crafted saved-search file. Successful exploitation of this vulnerability may allow the attacker to take complete control over the affected system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.