CVE DATABASE / CVE-2017-8543
CVE-2017-8543
Microsoft Windows Search Remote Code Execution Vulnerability
Confirmed exploited in the wild. Added 2022-05-24.
Federal remediation due 2022-06-14.
Required action: Apply updates per vendor instructions.
Summary
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
CVSS 3.1 breakdown
| Base score | 9.8 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://www.securityfocus.com/bid/98824
- http://www.securitytracker.com/id/1038667
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8543
Data: NIST NVD + CISA KEV. NVD last modified 2026-04-22. Always verify against the vendor advisory before acting.