MS09-026: How a developer can know if their RPC interface is affected

Today we are releasing MS09-026 which fixes a vulnerability in the Microsoft Windows RPC (Remote Procedure Call) NDR20 marshalling engine. This component is responsible for preparing data to be sent over the network and then translating it back to what the server or client application uses. NDR20 is specific to 32-bit applications that use RPC…

0

Most common questions that we've been asked regarding MS08-067

Since the release we have received several great questions regarding MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), thus we decided to compile answers for them. We still want to encourage everyone to apply the update.   Can the vulnerability be reached through RPC over HTTP? No, the vulnerability cannot be reached through RPC over HTTP. RPC over HTTP is an…

0

More detail about MS08-067, the out-of-band netapi32.dll security update

Today Microsoft released a security update that fixes a remote code execution vulnerability in the Windows Server Service. This is a serious vulnerability and we have seen targeted attacks using this vulnerability to compromise fully-patched Windows XP and Windows Server 2003 computers so we have released the fix “out of band” (not on the regular…

0

MS08-065 : Exploitable for remote code execution?

Today, we released MS08-065 to fix an issue in MSMQ.  You’ll notice that the bulletin was rated “Important” and indicates that remote code execution is possible.  However, we would like to show you that in practice the severity of the fixed issue is limited only to information disclosure. If the MSMQ service were installed by…

0

MS08-059 : Running Microsoft Host Integration Server 2006 as non-admin

Microsoft Host Integration Server 2006 is an interesting product.  It allows developers to manage business processes on IBM mainframe and AS/400 (big iron) servers as XML web services.  You can find a free trial version available for download at http://www.microsoft.com/hiserver/downloads/default.mspx. Unfortunately, access to the management interface was not properly locked-down.  MS08-059 is an update for…

0

XP SP3 range check hiding an overflow condition?

We have received a few inquiries about the full disclosure posting http://seclists.org/fulldisclosure/2007/Dec/0470.html , where a range check was added in Windows XP SP3 for the Terminal Server RPC function RpcWinStationEnumerateProcesses.  The speculation stated that this change was to hide an overflow condition, potentially leading to an exploitable vulnerability in previous Windows versions.  In reality, this…

0