危険度:
  CVE識別番号: CVE-2008-4269,MS08-075
  情報公開日: 2 15, 2011

  概要

The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability." 

Based on MS08-075,  Windows Search Parsing Vulnerability - CVE-2008-4269 is a remote code execution vulnerability exists in Windows Explorer that allows an attacker to construct a malicious web page that includes a call to the search-ms protocol handler. The protocol handler in turn passes untrusted data to Windows Explorer.

  トレンドマイクロの対策

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003115
  Trend Micro Deep Security DPI Rule Name: 1003115 - Windows Search Parsing Vulnerability

  影響を受けるソフトウェア

  • microsoft windows_server_2008
  • microsoft windows_vista