June 18, 2021

Microsoft Patch Remote Code Execution Vulnerability in WINS

Microsoft has issued a patch for a remote code execution vulnerability in WINS, the Windows Internat name service, as part of May’s Patch Tuesday. The vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service. The fix corrects a logic error that occurs when buffers are passed as parameters.

This security update is rated Critical for servers running WINS on Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. Itanium installations aren’t affected.

According to Computerworld some security researchers think Microsoft is trying to play down the importance of this patch as the summary stated that “by default, WINS is not installed on any affected operating system. Only customers who manually installed this component are affected by this issue.” But the probability is that most government and corporate networks have WINS installed in the data center.

The other security problem fixed on May’s Patch Tuesday was a remote code execution in PowerPoint. If a user opened a specially crafted malicious PowerPoint file an attacker could gain the same user rights as a logged-on user. Affected versions of Office are Microsoft Office XP, 2003 and 2007. But also Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac and the Open XML File Format Converter for Mac.

The H Security: Scope of DLL security problem widens – Update

After HD Moore released details last week about the DLL problem under Windows, along with a testing tool, an increasing number of affected applications and their matching exploits have been reported. In addition to Firefox and Opera, vulnerable programs include such popular applications as PowerPoint, Photoshop, Dreamweaver, VLC, uTorrent and Wireshark – in each case, the current version is affected. They all use an insecure way of loading DLLs in which at an early stage the search order contains the current directory – a directory that could be on a network device.

Read the full story here.

Source:[The H Security]