A new Windows Search zero-day is giving Microsoft another security headache

02

Jun

2022

A new Windows Search zero-day is giving Microsoft another security headache

image credit: pixabay

When used in synergy, two recently discovered Windows flaws allow threat actors to run malware on a target endpoint(opens in new tab), researchers have found.

The two flaws are a Windows Search zero-day, and a Microsoft Office OLEObject flaw.

Through the use of a weaponized Word document, the Search zero-day can be used to automatically open a search window with a remotely hosted malware. This was made possible due to how Windows handles a URI protocol handler called “search-ms”.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

A new Windows Search zero-day is giving Microsoft another security headache

Categories

Featured

Archives

Latest Comments

About Us

Contact Us