Severity: : Critical
  CVE Kennungen: : CVE-2008-1435,MS08-038
  Advisory Date: 21 de lipca de 2015

  DESCRIPTION

Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1002622
  Trend Micro Deep Security DPI Rule Name: 1002622 - Microsoft Windows Saved Search Remote Code Execution

  AFFECTED SOFTWARE AND VERSION:

  • microsoft windows-nt 2008
  • microsoft windows_vista