Remote Buffer Overflow Vulnerability in Windows

Question

Microsoft Incoming SMB Packet Validation Remote Buffer Overflow Vulnerability

Answer

This question was answered on July 1, 2005. Much of the information contained herein may have changed since posting.

Microsoft SMB is susceptible to a remote buffer overflow vulnerability This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.

Remote attackers may exploit this vulnerability to execute arbitrary machine code in the context of the kernel containing the vulnerable code Microsoft has stated that other attack vectors may exist, in the form of passing malicious parameters to the affected component, either locally or remotely.

Failed exploit attempts will likely crash the affected computer, denying service to legitimate users This vulnerability effects all current Windows operating systems and has been addressed by a Windows Hotfix.

For more information on this exploit, as well as the fix and prevention, click here.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Chad of Data Doctors on July 1, 2005