Exploitability

MS09-001: Prioritizing the deployment of the SMB bulletin

This month we released an update for SMB that addresses three vulnerabilities. This blog post provides additional information that might help prioritize the deployment of this update, and help explain the risk for code execution. In the bulletin you will see that the cumulative severity rating is Critical for Windows 2000, XP and Server 2003 …

MS09-001: Prioritizing the deployment of the SMB bulletin Read More »

Windows Media Player crash not exploitable for code execution

On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing arbitrary code on the system. We investigated right away and found that this bug cannot …

Windows Media Player crash not exploitable for code execution Read More »

More detail about MS08-067, the out-of-band netapi32.dll security update

Today Microsoft released a security update that fixes a remote code execution vulnerability in the Windows Server Service. This is a serious vulnerability and we have seen targeted attacks using this vulnerability to compromise fully-patched Windows XP and Windows Server 2003 computers so we have released the fix “out of band” (not on the regular …

More detail about MS08-067, the out-of-band netapi32.dll security update Read More »

MS08-065 : Exploitable for remote code execution?

Today, we released MS08-065 to fix an issue in MSMQ.  You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible.  However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ service were installed by …

MS08-065 : Exploitable for remote code execution? Read More »

MS08-030: All bark and no bite? The case of the Bluetooth update

This morning we released a critical update for Windows addressing a vulnerability in the Microsoft Bluetooth stack (MS08-030). The bulletin is rated Critical since it allows an attacker to corrupt memory in the Windows kernel, which theoretically could allow an attacker to execute code in the context of the operating system on the remote computer. …

MS08-030: All bark and no bite? The case of the Bluetooth update Read More »