Microsoft Windows Saved Search Remote Code Execution

  Severity: CRITICAL
  CVE Identifier: CVE-2008-1435,MS08-038
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1002622
  Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution

  AFFECTED SOFTWARE AND VERSION

  • microsoft windows-nt 2008
  • microsoft windows_vista