CVE-2018-8450

Name of the Vulnerable Software and Affected Versions Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description The issue is related to errors in handling objects in memory by the Windows Search component, allowing a remote attacker to execute arbitrary code using specially crafted messages to the search service, including via SMB connections. This can affect the system, enabling remote code execution.

Recommendations For Windows 7, update to a newer version to mitigate the risk. For Windows Server 2012 R2, apply the recommended patch. For Windows RT 8.1, consider disabling the Windows Search service until a patch is available. For Windows Server 2008, restrict access to the SMB connection to minimize the risk of exploitation. For Windows Server 2012, avoid using the vulnerable Windows Search component until the issue is resolved. For Windows 8.1, apply the recommended configuration changes to the Windows Search service. For Windows Server 2016, update to a newer version to mitigate the risk. For Windows Server 2008 R2, consider temporarily disabling the Windows Search service. For Windows 10, apply the recommended patch. For Windows 10 Servers, restrict access to the Windows Search component to minimize the risk of exploitation.