
A new Windows Search zero-day vulnerability can be used to open a search window containing remotely-hosted malware executables simply by launching a Word document. Windows supports a protocol handler called 'search-ms' that allows applications and HTML links to launch customized searches on a device. A customized search window will appear when this command is executed from a Run dialog or web browser address bar on Windows 7, Windows 10, and Windows 11. Threat actors could use this same approach for malicious attacks, where phishing emails are sent pretending to be security updates or patches that need to be installed. To mitigate this vulnerability, Hickey says you can use the same vulnerability-mitigation for ms-msdt exploits for the same type of exploit to delete the same . . .
Read more at www.bleepingcomputer.com