Microsoft announced the vulnerability CVE-2017-8487 on Patch Tuesday on June 13, 2017. Attackers can exploit this vulnerability to run arbitrary code in the context of the affected application, which may cause a denial of service.
See the following for more information about the vulnerability.
Microsoft Windows OLE remote code execution vulnerability
Attackers can exploit this vulnerability to run arbitrary code in the context of the application, which may cause a denial of service.
Condition and method of exploitation
- Microsoft Windows Server 2003
- Microsoft Windows XP
- Microsoft Windows XP Embedded
How to fix or mitigate
Do not run programs with the administrator privilege, and always run applications with minimal permissions. We recommend that you create a common account for each application and grant permissions to this account.
Install Microsoft updates as soon as possible. Alibaba Cloud users can download and install the patches by means of Windows Update or manually. Click to download.