Trend Micro Security

Microsoft Windows Saved Search Remote Code Execution

  危険度: : 緊急
  CVE識別番号: CVE-2008-1435,MS08-038

  概要

Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1002622
  Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution

  影響を受けるソフトウェア

  • microsoft windows-nt 2008
  • microsoft windows_vista