Microsoft Fixes Windows Search Vulnerability to Prevent Remote Code Execution

Windows users often find themselves rather annoyed when Microsoft decides to release an update suddenly. Depending on one’s computer settings, these updates may be installed automatically and force a reboot of one’s computer. Some of these updates are more important than others, however. The most recent update is highly important as it fixes a Windows search vulnerability related to addresses remote execution.

Emergency Windows Update Will Save a lot of Users

Virtually every Windows user benefits from the built-in search option the operating system provides. Searching for documents, files, or programs has become a lot more convenient ever since Windows implemented this feature. However, it turns out the Windows search function suffers from a major flaw which allows assailants to remotely execute code against a computer or server. In that scenario, the hacker would gain complete control of the computer in question.

Microsoft’s August Patch Tuesday update includes four dozen different patches. Over half of these are critical updates, most of which directly relate to remote code execution vulnerabilities. Knowing that an attacker could take over your computer and all of its functions without you noticing is worrying. Thankfully, that should no longer be the case for people who installed this update. Of course, there will likely be other vulnerabilities found in the future.

None of the 48 exploits addressed in this update were used by assailants, according to Microsoft. Given the tenacity and creativity of hackers, that is nothing short of a small miracle. The major vulnerability that required fixing was CVE-2017-8620 and related to objects stored in the Windows Search function. A hacker would have needed to send a special message to the Windows Search service. Successfully doing so would have given him or her full control over the computer, whether an at-home device or a company server.

This particular exploit affects multiple versions of Windows 10, Windows Server 2012 and Windows Server 2016. Anyone running any of these operating systems should update their installation as quickly as possible. Failure to do so allows assailants to leverage SMB connectivity as an attack vector. We have seen what ransomware types such as WannaCry can do with such a flaw, and no one wants a repeat of that scenario by any means.

Issues such as the Windows Search flaw could severely impact cryptocurrency users in particular. If an attacker were to control a computer used to store one or more cryptocurrency wallets, he or she could empty said wallet without requiring additional authentication. This is part of the reason why hardware wallets — or well secured paper wallets — are always the best option when it comes to storing Bitcoin and other cryptocurrencies. These tools interface with a computer yet have remained immune to malware and hacking so far.

It is good to see Microsoft paying attention to potentially catastrophic flaws. It is unclear how long the Windows Search vulnerability has been known, but it will not cause any more harm to people who install these most recent updates. Having such a vital aspect of the Microsoft Windows operating system affected by a loophole could have had disastrous effects. As much as we all hate the computer delays caused by Windows updates, you might want to get this one as soon as possible.