Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • PC Hardware

    Microsoft: Windows Vulnerability Unlikely to Be Exploited Remotely

    By
    Brian Prince
    -
    February 17, 2011
    Share
    Facebook
    Twitter
    Linkedin

      Exploit code for a new zero-day vulnerability targeting Windows systems has appeared on the Web.

      On Valentine’s Day, an anonymous researcher going by the name “Cupidon-3005” released proof-of-concept code for a Server Message Block (SMB) vulnerability affecting the CIFS (Common Internet File System) browser service.

      More specifically, the vulnerability is inside an error-reporting function of the CIFS browser service module, explained Matt Oh of the Microsoft Malware Protection Center Vulnerability Response Team.

      “An attacker triggers the vulnerability by causing multiple string arrays to be concatenated,” he blogged. “The target buffer to which the concatenated string arrays are pushed has a pre-allocated fixed size. When the remaining target buffer length becomes 0, the string copy loop should exit, but it does not. The length is decremented by one more before the actual string copy instructions are executed, which is intended to reserve the string’s NULL termination. Suddenly, the length of the string to be copied becomes a huge number due to the integer underflow. The next string copy operation will attempt to copy an extremely large number of bytes from the source address to the target buffer, and then the overflow ensues.”

      While Microsoft contends the issue is unlikely to be exploited remotely, VUPEN Security noted in an advisory that the situation “could be exploited by remote unauthenticated attackers or local unprivileged users to crash an affected system or potentially execute arbitrary code with elevated privileges.” The researcher who first reported the bug, however, was in agreement with Microsoft that remote execution was not probable.

      “Based on our initial investigation, this vulnerability cannot be leveraged for remote code execution [RCE] on 32-bit platforms,” said Jerry Bryant, group manager of response communications for Microsoft’s Trustworthy Computing Group. “We are still investigating the possibility of code execution on 64-bit platforms, but so far have not found a likely scenario that would result in reliable code execution.

      “Nearly 4GB of consecutive address space would need to be mapped to achieve code execution on 32-bit systems, or 8GB on 64-bit systems,” Bryant added. “Therefore, we believe that this vulnerability is unlikely to result in code execution and more likely in the real world to be leveraged for denial of service only.”

      Until the flaw is patched, users can block or filter UDP and TCP ports 138, 139 and 445 for protection, according to VUPEN.

      Brian Prince

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×