Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8463: Windows Explorer Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2017-8463: Windows Explorer Remote Code Execution Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

07/11/2017

Created

07/25/2018

Added

07/11/2017

Modified

11/18/2021

Description

A remote code execution vulnerability exists when Windows Explorer improperly handles executable files and shares during rename operations. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another user. Users not running as administrators would be less affected. To exploit this vulnerability, an attacker would first share both a folder and malware named with an executable extension, and then trick the user into thinking that the malware was the folder. The attacker could not force the user to open or browse the share but could use email or instant messages to trick them into doing so. The update addresses the vulnerability by correcting how Windows Explorer handles executable files and shares during rename operations.

Solution(s)

msft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2
msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696
msft-kb4025333-a8091733-a526-4480-afe7-72a1b3385439
msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839
msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62
msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3
msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303
msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1
msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584
msft-kb4025338-56ce2a02-e893-484d-8005-0fc74468cc84
msft-kb4025338-db3c2241-b6c1-4a6d-83b4-93b1ce46434b
msft-kb4025339-84c1a786-79d4-4d94-9a75-fc900083816f
msft-kb4025339-a44d500f-fc5d-4fe4-90cb-991568e9cb58
msft-kb4025339-d6677d54-ce7a-4774-a696-84de34eff033
msft-kb4025342-25acae93-40d4-4e62-814c-efb2f29f1bca
msft-kb4025342-682dbdab-6814-494b-84d5-8fb43c070c35
msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888
msft-kb4025343-733ef1e8-2bb5-4f7e-ae77-70a3fd4f05c6
msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30ab
msft-kb4025344-747ff6a4-ff7b-4405-af04-2a85d1a6f6ad
msft-kb4025344-b43ab510-8532-4035-a512-0bdf731245e9
msft-kb4025497-3a399d3f-b814-4255-be27-6086e8baa989
msft-kb4025497-78e90929-6ad6-4b18-b157-6240eb470c16
msft-kb4025497-ca9295b1-0efd-4e65-a47c-6e171d8893e8
msft-kb4025497-d310db6b-2b45-4aa9-b67e-3effbaf7b5e1

References

https://attackerkb.com/topics/cve-2017-8463
CVE - 2017-8463
4025331
4025333
4025336
4025337
4025338
4025339
4025341
4025342
4025343
4025344
4025497

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8463: Windows Explorer Remote Code Execution Vulnerability

Microsoft CVE-2017-8463: Windows Explorer Remote Code Execution Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.