CVE-2017-8589

Обходное решение

Disable WSearch service

Interactive workaround deployment steps

1. Click Start, click Run, type "regedit" (without the quotation marks), and then click OK.
2. Expand HKEY_LOCAL_MACHINE
3. Expand System, then CurrentControlSet, then Services
4. Click on WSearch
5. Click the File menu and select Export.
6. In the Export Registry File dialog type “WSearch_configuration_backup.reg” and press Save.
7. Double-click the value named Start and change the Value data field to 4
8. Click OK
9. Run the following command at a command prompt running as an administrator:

   sc stop WSearch

Impact of workaround The Windows Search functionality will not be available to applications that use it for searches.

How do undo the workaround Click Start , click Run , type "regedit " (without the quotation marks), and then click OK. Click the File menu and select Import. In the Import Registry File dialog select “WSearch_configuration_backup.reg” and press Open.

Managed workaround deployment steps

1. First a backup copy of the registry keys can be made from a managed deployment script with the following command: regedit /e WSearch_configuration_backup.reg HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WSearch
2. Next save the following to a file with a .REG extension (e.g. Disable_WSearch.reg)

3. Run the registry script created in step 2 on the target machine with the following command: regedit /s Disable_WSearch .reg
4. Run the following command at a command prompt running as an administrator: sc stop WSearch

Impact of workaround The Windows Search functionality will not be available to applications that use it for searches.

How to undo the workaround Restore the original state by running the following command: regedit /s WSearch_configuration_backup.reg