8.8 CVE-2017-8464
CISA Kev Catalog Used by Malware Patch Exploit
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
https://nvd.nist.gov/vuln/detail/CVE-2017-8464
Categories
CWE-NVD-noinfo
References
134c704f-9b21-4f2e-91b3-4a467353bcc0
af854a3a-2127-422b-91ae-364da2661108 Patch Exploit
| http://www.securityfocus.com/bid/98818 Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1038671 Third Party Advisory VDB Entry |
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464 Patch Vendor Advisory |
| https://www.exploit-db.com/exploits/42382/ Exploit Third Party Advisory VDB Entry |
| https://www.exploit-db.com/exploits/42429/ Exploit Third Party Advisory VDB Entry |
secure@microsoft.com Patch Exploit
| http://www.securityfocus.com/bid/98818 Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1038671 Third Party Advisory VDB Entry |
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464 Patch Vendor Advisory |
| https://www.exploit-db.com/exploits/42382/ Exploit Third Party Advisory VDB Entry |
| https://www.exploit-db.com/exploits/42429/ Exploit Third Party Advisory VDB Entry |
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:o:microsoft:windows_10_1511:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_10_1703:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* | ||
REMEDIATION
Patch
| Url |
|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464 |
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464 |
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| https://github.com/doudouhala/CVE-2017-8464-exp-generator |
| https://github.com/X-Vector/usbhijacking |
Other Nist (github, ...)
| Url |
|---|
| https://www.exploit-db.com/exploits/42382/ |
| https://www.exploit-db.com/exploits/42429/ |
| https://www.exploit-db.com/exploits/42382/ |
| https://www.exploit-db.com/exploits/42429/ |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
