Previous: 
Next: 
Vulnerability in Server Service Could Allow Remote Code Execution
**Security Update - Severity Rating: Critical**
This security update resolves a privately reported vulnerability in the Server service. This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. If an exploit attempt fails, this could also lead to a crash in Svchost.exe. If the crash in Svchost.exe occurs, the Server service will be affected. The Server service provides file, print, and named pipe sharing over the network. The vulnerability is caused by the Server service, which does not correctly handle specially crafted RPC requests. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.
Here are the specifics on the vulnerabilities covered by this update:
- Server Service Vulnerability – CVE-2008-4250
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB958644.
|
Related Posts |
Comment Meta:RSS Feed for comments
TrackBack URI
XHTML:You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
 | |
Information that makes life easier when it comes to installing, managing, and using Windows 7. | |
More Options ...
Categories
Tag Cloud
Blog RSS
Comments RSS
Last 50 Posts 
Back
Void 
Life 
Earth 
Wind 
Water 
Fire