CVE-2017-8591

Name of the Vulnerable Software and Affected Versions Windows Input Method Editor (IME) versions in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 versions 1511, 1607, and 1703, and Windows Server 2016

Description The issue arises when the Windows Input Method Editor (IME) fails to properly handle objects in memory, allowing remote attackers to execute arbitrary code and affect the system.

Recommendations For Windows 8.1, consider applying configuration changes to restrict access to the IME until a patch is available. For Windows Server 2012 Gold and R2, restrict the use of IME in sensitive environments to minimize the risk of exploitation. For Windows RT 8.1, Windows 10 versions 1511, 1607, and 1703, and Windows Server 2016, apply the recommended patch or update as soon as it becomes available to resolve the issue.