CVE DATABASE / CVE-2017-8464
CVE-2017-8464
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Confirmed exploited in the wild. Added 2022-02-10.
Federal remediation due 2022-08-10.
Required action: Apply updates per vendor instructions.
Summary
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
CVSS 3.1 breakdown
| Base score | 8.8 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Affected products
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://www.securityfocus.com/bid/98818
- http://www.securitytracker.com/id/1038671
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464
- https://www.exploit-db.com/exploits/42382/
- https://www.exploit-db.com/exploits/42429/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8464
Data: NIST NVD + CISA KEV. NVD last modified 2026-04-22. Always verify against the vendor advisory before acting.