Return to My location's details | List All Locations

Share |

Remote Buffer Overflow Vulnerability in Windows

Question

Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability

Answer

This question was answered on July 1, 2005. Much of the information contained herein may have changed since posting.

Microsoft SMB is susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.

Remote attackers may exploit this vulnerability to execute arbitrary machine code in the context of the kernel containing the vulnerable code. Microsoft has stated that other attack vectors may exist, in the form of passing malicious parameters to the affected component, either locally or remotely.

Failed exploit attempts will likely crash the affected computer, denying service to legitimate users. This vulnerability effects all current Windows operating systems and has been addressed by a Windows Hotfix.

For more information on this exploit, as well as the fix and prevention, click here.

Author

Posted by Chad of Data Doctors on July 1, 2005

Personal Services | Business Services | Radio Show | Free Help Center | Franchising | About Us | Sitemap

Business Network Solutions | Computer Data Recovery | Computer Franchises | Computer Hardware Repair | Computer Help | Computer Network Support | Computer Problems | Computer Repair | Computer Troubleshooting | Data Recovery | Data Recovery Service | Data Recovery Services | Disk Recovery | File Recovery | Wireless Networking Solutions