Exploitability – Page 8 – Microsoft Security Response Center

Stack overflow (stack exhaustion) not the same as stack buffer overflow

Security Research & Defense / By swiat / January 28, 2009 June 20, 2019

Periodically we get reports into the MSRC of stack exhaustion in client-side applications such as Internet Explorer, Word, etc. These are valid stability bugs that, fortunately, do not lead to an exploitable condition by itself (no potential for elevation of privilege). We wanted to clarify the distinction between stack exhaustion and stack buffer overflow. Stack …

Stack overflow (stack exhaustion) not the same as stack buffer overflow Read More »

MS09-001: Prioritizing the deployment of the SMB bulletin

Security Research & Defense / By swiat / January 9, 2009 June 20, 2019

This month we released an update for SMB that addresses three vulnerabilities. This blog post provides additional information that might help prioritize the deployment of this update, and help explain the risk for code execution. In the bulletin you will see that the cumulative severity rating is Critical for Windows 2000, XP and Server 2003 …

MS09-001: Prioritizing the deployment of the SMB bulletin Read More »

Windows Media Player crash not exploitable for code execution

Security Research & Defense / By swiat / December 29, 2008 June 20, 2019

On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing arbitrary code on the system. We investigated right away and found that this bug cannot …

Windows Media Player crash not exploitable for code execution Read More »

More detail about MS08-067, the out-of-band netapi32.dll security update

Security Research & Defense / By swiat / October 23, 2008 June 20, 2019

Today Microsoft released a security update that fixes a remote code execution vulnerability in the Windows Server Service. This is a serious vulnerability and we have seen targeted attacks using this vulnerability to compromise fully-patched Windows XP and Windows Server 2003 computers so we have released the fix “out of band” (not on the regular …

More detail about MS08-067, the out-of-band netapi32.dll security update Read More »

Bulletin severity for October bulletins

Security Research & Defense / By swiat / October 14, 2008 June 20, 2019

Bulletin severity is an interesting topic to many blog readers. We often hear that you think a bulletin should be rated higher or lower. Sometimes we even hear one person suggesting a higher rating and another suggesting a lower rating for the same issue. J This post is not to advocate for or against the …

Bulletin severity for October bulletins Read More »

MS08-065 : Exploitable for remote code execution?

Security Research & Defense / By swiat / October 14, 2008 June 20, 2019

Today, we released MS08-065 to fix an issue in MSMQ. You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible. However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ service were installed by …

MS08-065 : Exploitable for remote code execution? Read More »

MS08-030: All bark and no bite? The case of the Bluetooth update

Security Research & Defense / By swiat / June 10, 2008 June 20, 2019

This morning we released a critical update for Windows addressing a vulnerability in the Microsoft Bluetooth stack (MS08-030). The bulletin is rated Critical since it allows an attacker to corrupt memory in the Windows kernel, which theoretically could allow an attacker to execute code in the context of the operating system on the remote computer. …

MS08-030: All bark and no bite? The case of the Bluetooth update Read More »