Windows Search Vulnerability Identified

  |  Source: 

Windows Search Vulnerability Identified

Industry: N/A | Level: Tactical | Source: BleepingComputer

Reported by BleepingComputer, a Windows search vulnerability has been identified to enable a search window containing malicious code to be executed from launching a Word document. "The security issue can be leveraged because Windows supports a URI protocol handler called 'search-ms' that allows applications and HTML links to launch customized searches on a device. While most Windows searches will look on the local device's index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window." A targeted victim would have to manually execute the executable file and accept the security prompt for the attacker's remote application to run.

Anvilogic Use Cases:

  • Rare executable from Microsoft Office

Get trending threats published weekly by the Anvilogic team.

Sign Up Now