【Major vulnerability warning】Windows two critical remote code execution vulnerability-vulnerability warning-the black bar safety net

Microsoft 6, on patch day the disclosure of the two being the use of a remote code execution vulnerability(CVE-2017-8543)Windows Search remote code execution vulnerability(CVE-2017-8464)LNK file shortcut remote code execution vulnerability.
Vulnerability name: Windows Search remote code execution vulnerability
Vulnerability ID: CVE-2017-8543
Vulnerability rating: Critical
Vulnerability summary: Windows Search service for WSS is windows A enabled by default for basic services. Allows the user in a plurality of Windows of service between the client and the search. When Windows Search handle objects in memory, there is a remote code execution vulnerability. Successful exploitation of this vulnerability an attacker can control an affected system.
In order to exploit this vulnerability, an attacker may be able to the Windows Search service to send a carefully the structure of the SMB message. To exploit this vulnerability to elevate privileges and control of the computer. In addition, in the enterprise scenario, an unauthenticated attacker can pass the SMB service to connect the remote trigger the vulnerability, and then control the target computer.
The affected version
Desktop: Windows 10, 7, 8, 8.1, Vista, Xp, and Windows RT 8.1
Server System: Windows Server 2016, and in 2012, 2008, 2003
Repair solutions:
Desktop Windows 10, 7, 8.1 and Windows RT 8.1; Server System: Windows Server 2016, the 2012, the 2008, can through the Windows Update Automatic Updates Microsoft patch way to repair.
Windows 8, Vista, Xp and Windows Server 2003 can select the corresponding version and then manually update the patches to be updated
（Patch download address reference https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
Vulnerability name: LNK file shortcut remote code execution vulnerability
Vulnerability ID: CVE-2017-8464
Vulnerability rating: Critical
Vulnerability summary: if a user open an attacker carefully constructed malicious LNK files, it will result in remote code execution. Successful exploitation of this vulnerability an attacker can get the local user with the same user permissions.
The attacker can be through removable drives, USB flash drive or a remote share, etc. containing a malicious LNK files and associated malicious binary file is propagated to the user. When the user through Windows Explorer or any be able to parse LNK files to the program open a malicious. LNK file, associated with the malicious binary code on the target system execution.
The affected version
Desktop: Windows 10, 7, 8.1, 8, Vista, and Windows RT 8.1
Server System: Windows Server 2016, the 2012, the 2008
Repair solutions:
Desktop Windows 10,7,8. 1, and Windows RT 8.1; Server System: Windows Server 2016, the 2012, the 2008, can through the Windows Update Automatic Updates Microsoft patch way to repair.
Windows 8, Vista can select the corresponding version and then manually update the patches to be updated
（Patch download address reference https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
Reference
https://threatpost.com/microsoft-patches-two-critical-vulnerabilities-under-attack/126239/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464
https://support.microsoft.com/zh-cn/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms