MS11-042 - Critical : Vulnerabilities in Distributed File System Could Allow Remote Code Execution (

Discussion in 'Security Alerts' started by News, Sep 8, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,214
    Likes Received:
    20
    Severity Rating: Critical
    Revision Note: V1.1 (June 14, 2011): Moved Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 from the affected software table to the non-affected software table. This is an informational change only. There were no changes to the security update files or detection logic.
    Summary: This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

    More...
     

Share This Page

Loading...