这表明攻击企图利用 Microsoft Windows 中的内存损坏漏洞。该漏洞是由于恶意软件保护引擎处理恶意 javascript 代码时发生的错误造成的。攻击者可以通过诱使毫无戒心的用户访问恶意网页并在应用程序的上下文中执行任意代码来利用这一点。

Microsoft Endpoint Protection Microsoft Exchange Server 2013 Microsoft Exchange Server 2016 Microsoft Forefront Endpoint Protection Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Windows Defender for Windows 10 Version 1607 for 32-bit Systems Windows Defender for Windows Server 2016 (Server Core installation) Windows Defender for Windows 10 Version 1703 for 32-bit Systems Windows Defender for Windows 10 Version 1511 for x64-based Systems Windows Defender for Windows RT 8.1 Windows Defender for Windows 8.1 for 32-bit systems Windows Defender for Windows 10 Version 1511 for 32-bit Systems Windows Defender for Windows 10 Version 1607 for x64-based Systems Windows Defender for Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Defender for Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Defender for Windows 10 for x64-based Systems Windows Defender for Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Defender for Windows 7 for 32-bit Systems Service Pack 1 Windows Defender for Windows 8.1 for x64-based systems Windows Defender for Windows 10 for 32-bit Systems Windows Defender for Windows 7 for x64-based Systems Service Pack 1 Windows Defender for Windows Server 2016 Windows Defender for Windows 10 Version 1703 for x64-based Systems Windows Intune Endpoint Protection

系统被入侵：远程攻击者可以控制易受攻击的系统。

有关建议的解决方法，请参阅供应商的网站。 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540