This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature will detect attempts to exploit a remote code execution vulnerability in Windows search.
A remote code execution vulnerability exists in Windows Explorer which allows an attacker to construct a malicious web page that includes a call to the search-ms protocol handler, which passes untrusted data to Windows Explorer.
To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-4269.
Download and install all vendor patches related to this vulnerability.