CVE-2017-8699

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version, including Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016

Description The issue arises due to insufficient validation of file copy destinations by the Windows Shell, allowing an attacker to execute arbitrary code in the context of the current user. This can be achieved by exploiting the vulnerability with specially crafted content.

Recommendations For Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.