Categories: NewsSecurity

Microsoft Fixes Windows Search Vulnerability to Prevent Remote Code Execution

Windows users often find themselves rather annoyed when Microsoft decides to release an update suddenly. Depending on one’s computer settings, these updates may be installed automatically and force a reboot of one’s computer. Some of these updates are more important than others, however. The most recent update is highly important as it fixes a Windows search vulnerability related to addresses remote execution.

Emergency Windows Update Will Save a lot of Users

Virtually every Windows user benefits from the built-in search option the operating system provides. Searching for documents, files, or programs has become a lot more convenient ever since Windows implemented this feature. However, it turns out the Windows search function suffers from a major flaw which allows assailants to remotely execute code against a computer or server. In that scenario, the hacker would gain complete control of the computer in question.

Microsoft’s August Patch Tuesday update includes four dozen different patches. Over half of these are critical updates, most of which directly relate to remote code execution vulnerabilities. Knowing that an attacker could take over your computer and all of its functions without you noticing is worrying. Thankfully, that should no longer be the case for people who installed this update. Of course, there will likely be other vulnerabilities found in the future.

None of the 48 exploits addressed in this update were used by assailants, according to Microsoft. Given the tenacity and creativity of hackers, that is nothing short of a small miracle. The major vulnerability that required fixing was 

Related Post
CVE-2017-8620 and related to objects stored in the Windows Search function. A hacker would have needed to send a special message to the Windows Search service. Successfully doing so would have given him or her full control over the computer, whether an at-home device or a company server.

This particular exploit affects multiple versions of Windows 10, Windows Server 2012 and Windows Server 2016. Anyone running any of these operating systems should update their installation as quickly as possible. Failure to do so allows assailants to leverage SMB connectivity as an attack vector. We have seen what ransomware types such as WannaCry can do with such a flaw, and no one wants a repeat of that scenario by any means.

Issues such as the Windows Search flaw could severely impact cryptocurrency users in particular. If an attacker were to control a computer used to store one or more cryptocurrency wallets, he or she could empty said wallet without requiring additional authentication. This is part of the reason why hardware wallets — or well secured paper wallets — are always the best option when it comes to storing Bitcoin and other cryptocurrencies. These tools interface with a computer yet have remained immune to malware and hacking so far.

It is good to see Microsoft paying attention to potentially catastrophic flaws. It is unclear how long the Windows Search vulnerability has been known, but it will not cause any more harm to people who install these most recent updates. Having such a vital aspect of the Microsoft Windows operating system affected by a loophole could have had disastrous effects. As much as we all hate the computer delays caused by Windows updates, you might want to get this one as soon as possible.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

OKX Wallet Sees Whales Massive Moves; More on Plus Wallet & Coinbase  

Plus Wallet Impresses with its Speedy 15-Min Token Listings While Coinbase Unveils AI Tool &…

3 hours ago

100% Bonus with BlockDAG! Ethereum Eyes Breakout, Sui Plans To Expand

BlockDAG Rolls Out Limited Time 100% Bonus For Community While Ethereum Price Looks Bullish &…

4 hours ago

Best Crypto Wallets 2024: Top Choices for Security & Rewards

The 5 Best Crypto Wallets Worth Using in 2024 — Find Out Why Selecting a…

5 hours ago

Ethereum Ecosystem Primed For A November Rally – ETH Coins Chainlink (LINK), Toncoin (TON), And Cutoshi (CUTO) The Ones To Watch

With a Total Value Locked (TVL) of $50.72B, Ethereum is the world's largest blockchain, with…

12 hours ago

Analysts Predict a Rollblock 5000% Surge Dwarfing Pepe Coin and Popcat Recent Fame

The meme coin market has recently been surging once again; tokens such as Pepe and…

22 hours ago

FLOKI Dominates Meme Market as Rollblock ICO Skyrockets. Is Polkadot Losing Its Edge?

The FLOKI price has recorded over 300% yearly ROI, dominating crypto gains in the meme…

22 hours ago