Check Point Advisories

Update Protection against Microsoft Windows Saved Search Vulnerability (MS08-038)

Check Point Reference: CPAI-2008-093
Date Published: 9 Jul 2008
Severity: Critical
Last Updated: Friday 22 August, 2008
Source: Microsoft Security Bulletin MS08-038
Industry Reference:CVE-2008-1435
Protection Provided by:
Who is Vulnerable? Windows Vista
Windows Vista SP1
Windows Vista x64 Edition
Windows Vista x64 Edition SP1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 (Itanium)
Vulnerability Description A remote code execution vulnerability was reported in the way Windows Explorer saves specially crafted search files. Windows Search is a standard component of Windows Vista that allows instant search capabilities for most common file and data types. Windows Search has XML-based files that save information about a search in Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system via a specially crafted search file.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS08-038
Vulnerability DetailsThe vulnerability is due to an error in the Windows Explorer that fails to properly parse search files when saving them. A remote attacker can exploit this issue by persuading the victim to open and save a specially crafted saved-search file. Successful exploitation of this vulnerability may allow the attacker to take complete control over the affected system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.