Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2017-8464
HistoryJun 13, 2017 - 7:00 a.m.

LNK Remote Code Execution Vulnerability

2017-06-1307:00:00
Microsoft
msrc.microsoft.com
34

0.975 High

EPSS

Percentile

100.0%

JSON

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system.

The security update addresses the vulnerability by correcting the processing of shortcut LNK references.

Related

checkpoint_advisories 2
prion 2
symantec 2
canvas 1
zdt 3
trendmicroblog 3
cve 2
cvelist 2
attackerkb 1
mskb 19
openvas 15
cisa_kev 1
osv 1
nessus 20
mscve 84
myhack58 3
securelist 1
malwarebytes 1
rapid7community 3
packetstorm 2
exploitpack 2
metasploit 2
exploitdb 2
cert 1
huawei 1
mssecure 2
mmpc 2
threatpost 2
thn 1
cisa 1
kaspersky 4
qualysblog 2
talosblog 1
checkpoint_advisories
checkpoint_advisories
Microsoft Browser Information Disclosure (CVE-2017-8529)
2017-06-13 00:00:00
Microsoft LNK Remote Code Execution (CVE-2017-8464; CVE-2018-0978)
2017-06-13 00:00:00
prion
prion
Information disclosure
2017-06-15 01:29:00
Remote code execution
2017-06-15 01:29:00
symantec
symantec
Microsoft Internet Explorer and Edge CVE-2017-8529 Information Disclosure Vulnerability
2017-06-13 00:00:00
Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability
2017-06-13 00:00:00
canvas
canvas
Immunity Canvas: SPECIAL_LNK
2017-06-15 01:29:00
zdt
zdt
Microsoft Windows - LNK Shortcut File Code Execution Exploit
2017-07-26 00:00:00
Microsoft Windows - LNK Shortcut File Code Execution Exploit
2017-08-06 00:00:00
Microsoft Windows LNK File Code Execution Exploit
2017-11-09 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 3, 2017
2017-07-07 15:45:09
The Real-World Impact of Bug Bounties and Vulnerability Research
2017-07-06 16:31:43
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017
2017-06-16 12:00:40
cve
cve
CVE-2017-8464
2017-06-15 01:29:00
CVE-2017-8529
2017-06-15 01:29:00
cvelist
cvelist
CVE-2017-8464
2017-06-15 01:00:00
CVE-2017-8529
2017-06-15 01:00:00
attackerkb
attackerkb
CVE-2017-8464
2017-06-15 00:00:00
mskb
mskb
LNK remote code execution vulnerability: June 13, 2017
2017-06-13 07:00:00
Cumulative security update for Internet Explorer: September 12, 2017
2017-09-12 07:00:00
September 12, 2017—KB4038777 (Monthly Rollup)
2017-09-12 07:00:00
openvas
openvas
Microsoft Windows LNK Remote Code Execution Vulnerability (KB4021903)
2017-06-14 00:00:00
Microsoft Windows Multiple RCE Vulnerabilities (KB4022839)
2017-06-16 00:00:00
Huawei Data Communication: Multiple Vulnerabilities Released on Microsoft security advisory 4025685 (huawei-sa-20170909-01-windows)
2020-06-05 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
2022-02-10 00:00:00
osv
osv
CVE-2017-8529
2017-06-15 01:29:04
nessus
nessus
Windows 10 / Windows Server 2016 September 2017 Information Disclosure Vulnerability (CVE-2017-8529)
2020-05-28 00:00:00
KB4022715: Windows 10 Version 1607 and Windows Server 2016 June 2017 (CVE-2017-8529) (deprecated)
2020-01-17 00:00:00
Windows 8 June 2017 Security Updates
2017-06-14 00:00:00
mscve
mscve
Microsoft Browser Information Disclosure Vulnerability
2017-06-13 07:00:00
DirectX Elevation of Privilege Vulnerability
2017-06-19 07:00:00
Microsoft Graphics Component Elevation of Privilege Vulnerability
2017-06-19 07:00:00
myhack58
myhack58
【Major vulnerability warning】Windows two critical remote code execution vulnerability-vulnerability warning-the black bar safety net
2017-06-14 00:00:00
“The seismic network of the third generation”(CVE-2017-8464 several species using the method and prevention-vulnerability and early warning-the black bar safety net
2017-08-07 00:00:00
“The seismic network of the third generation”CVE-2017-8464 vulnerability analysis and early warning-vulnerability warning-the black bar safety net
2017-08-09 00:00:00
securelist
securelist
Threats to users of adult websites in 2018
2019-02-21 10:00:01
malwarebytes
malwarebytes
LemonDuck no longer settles for breadcrumbs
2021-07-30 17:19:31
rapid7community
rapid7community
Metasploit Wrapup
2017-08-11 20:03:59
Patch Tuesday - June 2017
2017-06-14 12:04:23
Patch Tuesday - July 2017
2017-07-12 13:39:36
packetstorm
packetstorm
Microsoft Windows LNK Shortcut File Code Execution
2017-08-01 00:00:00
Microsoft Windows LNK File Code Execution
2017-11-08 00:00:00
exploitpack
exploitpack
Microsoft Windows - .LNK Shortcut File Code Execution (Metasploit)
2017-07-26 00:00:00
Microsoft Windows - .LNK Shortcut File Code Execution
2017-08-06 00:00:00
metasploit
metasploit
LNK Code Execution Vulnerability
2017-08-02 20:46:30
LNK Code Execution Vulnerability
2017-10-05 14:16:31
exploitdb
exploitdb
Microsoft Windows - '.LNK' Shortcut File Code Execution
2017-08-06 00:00:00
Microsoft Windows - '.LNK' Shortcut File Code Execution (Metasploit)
2017-07-26 00:00:00
cert
cert
Microsoft Windows automatically executes code specified in shortcut files
2017-08-03 00:00:00
huawei
huawei
Security Advisory - Multiple Vulnerabilities Released on Microsoft Security Advisory 4025685
2017-06-16 00:00:00
mssecure
mssecure
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
2021-07-29 19:00:59
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
2021-07-22 16:00:57
mmpc
mmpc
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
2021-07-29 19:00:59
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
2021-07-22 16:00:57
threatpost
threatpost
Microsoft Patches Two Critical Vulnerabilities Under Attack
2017-06-13 16:23:28
Self-Propagating Lucifer Malware Targets Windows Systems
2020-06-24 21:20:16
thn
thn
Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month
2017-06-13 23:18:00
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-02-10 00:00:00
kaspersky
kaspersky
KLA11045 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
2017-06-13 00:00:00
KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)
2017-06-13 00:00:00
KLA11046 Multiple vulnerabilities in Microsoft Windows
2017-06-13 00:00:00
qualysblog
qualysblog
Microsoft Fixes 94 Security Issues in Massive June Update
2017-06-13 18:28:02
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
talosblog
talosblog
Microsoft Patch Tuesday - June 2017
2017-06-13 13:48:00

0.975 High

EPSS

Percentile

100.0%

JSON
Related for MS:CVE-2017-8464
checkpoint_advisories2prion2symantec2canvas1zdt3trendmicroblog3cve2cvelist2attackerkb1mskb19openvas15cisa_kev1osv1nessus20mscve84myhack583securelist1malwarebytes1rapid7community3packetstorm2exploitpack2metasploit2exploitdb2cert1huawei1mssecure2mmpc2threatpost2thn1cisa1kaspersky4qualysblog2talosblog1