Another Windows protocol vulnerability emerges; this time it is a Windows Search zero-day

Following on from the Follina security flaw, another Windows zero-day vulnerability has come to light. Dubbed SearchNightmare, the issue allows the search-ms URI protocol handler to be used to launch remotely hosted malware-ridden executables via a search window. The protocol is normally used to perform local searches, but it can also be used to do the same with shared files on a remote host. An attacker could easily trick a victim into clicking a search-ms URI, and a method has been found to bypass the security warning that should be displayed by default. See also: 0patch releases free fix for… [Continue Reading]