Information security researchers have discovered a dangerous vulnerability in one of the Windows Search components. The danger lies in the possibility of remotely opening a window containing remotely stored malware executable files.
The vulnerability lies in the handling of the “search-ms” URI protocol, which allows applications and HTML links to run custom searches on the device. Windows search is directed inside the device and finds files in the system, but with a declared vulnerability, this function can be directed to file shares located on remote hosts.
The problem can be implemented through Microsoft Office files using “search-ms”. In this case, the vulnerability allows opening a remote search window using a Word document.