Msmq

MS08-065 : Exploitable for remote code execution?

Tuesday, October 14, 2008

Today, we released MS08-065 to fix an issue in MSMQ. You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible. However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ service were installed by default on any affected Windows configuration, we would have rated this one Critical.

Exploitability
Msmq
RPC
Timing attack

MS07-065 - The case of the significant suffix

Thursday, December 27, 2007

MS07-065 fixed a vulnerability in the Message Queueing service. On Windows 2000, a remote anonymous attacker could use this vulnerability to run code as local system on unpatched machines. Windows XP added defense-in-depth hardening to disallow remote access for this service that does not need to be exposed remotely. So on Windows XP, the attacker must be logged on locally on the box.

DNS
Mitigations
Msmq