CVE-2017-8589

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version, including Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 versions prior to the fixed version, including Gold, 1511, 1607, 1703, and Windows Server 2016

Description The issue is related to the way Windows Search handles objects in memory, allowing a remote code execution. This can be exploited by a remote attacker to execute arbitrary code on the system.

Recommendations For Windows 7 SP1, update to a version that includes the fix for this issue. For Windows Server 2008 SP2 and R2 SP1, update to a version that includes the fix for this issue. For Windows 8.1 and Windows RT 8.1, update to a version that includes the fix for this issue. For Windows Server 2012 and R2, update to a version that includes the fix for this issue. For Windows 10 Gold, 1511, 1607, 1703, update to a version that includes the fix for this issue. For Windows Server 2016, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Windows Search component until a patch is available.